Identity Access Management Architect
About The Position
Reporting directly to the Head of Cloud Security, you will serve as the IAM Architect across our workforce, customer, and partner domains. We’ve moved past the basics; our stack is built on Zero Trust principles, featuring SPIRE, Open Policy Agent (OPA), and a custom-built group management engine. We need a leader who can navigate the space between high-level strategy and deep-stack execution. You will own the full IAM lifecycle, evolving our existing infrastructure into a scalable, modern ecosystem that serves as a competitive advantage for our operations. In this role you will Develop and champion the target-state IAM architecture and roadmap, ensuring alignment with overall business strategy and security requirements. Lead the evaluation, selection, and deployment of new IAM products and technologies (IGA, PAM, AM, Directory Services). Define and govern IAM policies, standards, and procedures with cloud first infrastructure. Provide architectural guidance for complex access control models, role engineering, and segregation of duties (SoD) enforcement. Architect solutions for Federation/SSO , ensuring secure and seamless access for partners and customers. A deep understanding of access models such as RBAC, ABAC, PBAC.
Requirements
- 10+ years of progressive experience in Information Security, with at least 4 years focused on architecting and implementing IAM solutions in a large enterprise environment.
- Expert-level knowledge of at least one major Cloud Identity Provider (e.g., Azure, AWS IAM) and/or a major Customer Identity and Access Management (CIAM) platform.
- Deep understanding of core IAM protocols: SAML, OAuth 2.0, OpenID Connect (OIDC), SCIM, and LDAP .
- Technical Skills (must have experience in at least some of the following areas): Identity Governance and Administration (IGA): SailPoint, Saviynt, Conductor One, or similar. Privileged Access Management (PAM): CyberArk, HashiCorp Vault, Delinea, or similar. Multi-Factor Authentication (MFA): FIDO2/WebAuthn, biometric solutions, or platform-native MFA tools. API Security: Protecting APIs using OAuth scopes and claims.
- Strong analytical, problem-solving, and communication skills.
- Ability to create clear, concise documentation (architecture diagrams, design documents).
- A deep understanding of access models such as RBAC, ABAC, PBAC.
Nice To Haves
- Proven ability to lead complex IAM solutions from concept to production.
- Ability to influence and collaborate with other areas of the business.
Responsibilities
- Develop and champion the target-state IAM architecture and roadmap, ensuring alignment with overall business strategy and security requirements.
- Lead the evaluation, selection, and deployment of new IAM products and technologies (IGA, PAM, AM, Directory Services).
- Define and govern IAM policies, standards, and procedures with cloud first infrastructure.
- Provide architectural guidance for complex access control models, role engineering, and segregation of duties (SoD) enforcement.
- Architect solutions for Federation/SSO , ensuring secure and seamless access for partners and customers.
Benefits
- The successful candidate will also be eligible for an annual bonus, equity compensation, and benefits.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
