Identity Access Management Architect

Aurora Innovation•Pittsburgh, PA

6h•Hybrid

About The Position

Aurora’s mission is to deliver the benefits of self-driving technology safely, quickly, and broadly. The Aurora Driver will create a new era in mobility and logistics, one that will bring a safer, more efficient, and more accessible future to everyone. At Aurora, you will tackle massively complex problems alongside other passionate, intelligent individuals, growing as an expert while expanding your knowledge. For the latest news from Aurora, visit aurora.tech or follow us on LinkedIn. Reporting directly to the Head of Cloud Security, you will serve as the IAM Architect across our workforce, customer, and partner domains. We’ve moved past the basics; our stack is built on Zero Trust principles, featuring SPIRE, Open Policy Agent (OPA), and a custom-built group management engine. We need a leader who can navigate the space between high-level strategy and deep-stack execution. You will own the full IAM lifecycle, evolving our existing infrastructure into a scalable, modern ecosystem that serves as a competitive advantage for our operations.

Requirements

10+ years of progressive experience in Information Security, with at least 4 years focused on architecting and implementing IAM solutions in a large enterprise environment.
Expert-level knowledge of at least one major Cloud Identity Provider (e.g., Azure, AWS IAM) and/or a major Customer Identity and Access Management (CIAM) platform.
Deep understanding of core IAM protocols: SAML, OAuth 2.0, OpenID Connect (OIDC), SCIM, and LDAP.
Technical Skills (must have experience in at least some of the following areas): Identity Governance and Administration (IGA): SailPoint, Saviynt, Conductor One, or similar.
Privileged Access Management (PAM): CyberArk, HashiCorp Vault, Delinea, or similar.
Multi-Factor Authentication (MFA): FIDO2/WebAuthn, biometric solutions, or platform-native MFA tools.
API Security: Protecting APIs using OAuth scopes and claims.
Soft Skills: Strong analytical, problem-solving, and communication skills. Ability to create clear, concise documentation (architecture diagrams, design documents).

Nice To Haves

Proven ability to lead complex IAM solutions from concept to production.
Ability to influence and collaborate with other areas of the business.

Responsibilities

Develop and champion the target-state IAM architecture and roadmap, ensuring alignment with overall business strategy and security requirements.
Lead the evaluation, selection, and deployment of new IAM products and technologies (IGA, PAM, AM, Directory Services).
Define and govern IAM policies, standards, and procedures with cloud first infrastructure.
Provide architectural guidance for complex access control models, role engineering, and segregation of duties (SoD) enforcement.
Architect solutions for Federation/SSO, ensuring secure and seamless access for partners and customers.
A deep understanding of access models such as RBAC, ABAC, PBAC.