Identity & Access Management (IAM) Architect

San R&D Business Solutions LLC

1d•Remote

About The Position

We are seeking a highly experienced and forward-thinking IAM Architect to lead the design, implementation, and optimization of enterprise Identity & Access Management solutions. This role requires deep technical expertise across Identity Governance (IGA), Access Management (AM), and Privileged Access Management (PAM), combined with strong architectural leadership and strategic vision. The ideal candidate will design scalable, modern identity frameworks across cloud and hybrid environments while aligning security, compliance, and business objectives.

Requirements

10+ years of experience in IAM or related security domains
Expert-level experience in:
IGA: SailPoint or Saviynt, Entra ID Governance
AM: Okta, Entra ID, SSO, Federation, MFA
PAM: CyberArk (PIM, PSM, Vault, EPM)
Strong experience designing IAM architectures for Azure and AWS
Hands-on expertise with SAML, OAuth, OIDC, and directory services
Proven experience integrating IAM with SaaS, cloud, and on-prem applications
Strong architectural design, analytical, and problem-solving skills
Excellent communication skills with ability to influence stakeholders

Nice To Haves

Experience implementing Zero Trust identity models
DevSecOps and CI/CD pipeline IAM integrations
Knowledge of SOX, HIPAA, NIST, ISO27001 frameworks
Scripting skills (PowerShell, Python) for IAM automation
Bachelor’s or Master’s degree in Computer Science, Information Security, or related field
Microsoft Identity (SC-300), Azure Architect
Okta Consultant/Professional
SailPoint or Saviynt certifications
CyberArk Defender/Sentry/Guardian
CISSP, CCSP, or equivalent security certifications

Responsibilities

Identity Governance & Administration (IGA):
Architect and implement enterprise IGA solutions using SailPoint or Saviynt with Entra ID Identity Governance.
Design end-to-end lifecycle management (onboarding, provisioning, deprovisioning, access certification).
Develop RBAC/ABAC models, Segregation of Duties (SoD) controls, and governance workflows.
Establish identity governance frameworks aligned with compliance requirements.
Access Management (AM):
Design and operationalize authentication and authorization services using Okta and Microsoft Entra ID.
Implement modern authentication standards: OAuth 2.0, OIDC, SAML, adaptive MFA, passwordless authentication.
Design Zero Trust-aligned identity architectures for cloud and on-prem applications.
Lead federation, SSO, and conditional access implementations.
Privileged Access Management (PAM):
Architect and deploy CyberArk Privileged Access Security solutions (PIM, PSM, Vault, EPM).
Establish enterprise PAM strategy including secrets management and session monitoring.
Implement least-privilege and just-in-time access frameworks.
Cloud IAM Architecture (AWS/Azure):
Design identity frameworks for AWS and Azure (account structure, federation, IAM roles/policies).
Implement workload identity strategies and cloud security best practices.
Align IAM controls with Zero Trust and cloud-native security patterns.
Architecture & Strategy:
Develop IAM roadmaps, reference architectures, and standards.
Lead architectural reviews, threat modeling, and integration strategies.
Collaborate with security, engineering, compliance, and business teams.
Drive innovation and modernization of enterprise identity capabilities.