Lead - IAM Platform Architecture & Engineering

Mondelēz International
San Antonio, TX
1d
Remote

About The Position

Mondelez International is hiring a Senior Manager – IAM Platform Lead (Privileged Access & Non-Human Identity Security)

Location: Fully remote within the United States

Role Overview

We are seeking a Senior Manager – Lead IAM Architecture & Engineering to define and lead the identity security architecture across workforce, partner, application, and machine identities. This role establishes the technical foundations for identity trust, authentication, authorization, and access governance across enterprise systems, cloud platforms, SaaS services, and operational technology environments.

The Principal IAM Architect will design scalable identity trust architectures and access control frameworks that secure enterprise access to applications, infrastructure, APIs, and digital platforms. This role defines identity standards, architecture patterns, and integration frameworks enabling secure access while aligning with Zero Trust security architecture and enterprise cybersecurity strategy.

The architect partners with IAM platform engineering teams to ensure that authentication services, identity governance, privileged access, and machine identity systems operate as a cohesive identity security fabric across the enterprise.

Requirements

  • 15+ years of experience in Identity and Access Management architecture and identity security engineering.
  • Deep expertise in: authentication architectures; identity federation and trust protocols; identity governance frameworks; privileged access security; machine identity and workload identity models.
  • Strong experience designing IAM architectures for cloud-native, SaaS, and hybrid enterprise environments.
  • Deep knowledge of identity protocols including SAML, OAuth2, OpenID Connect, and token-based authentication frameworks.
  • Experience implementing Zero Trust identity security architectures.

Nice To Haves

  • CISSP or equivalent cybersecurity certification
  • Microsoft Identity / Azure security certifications
  • IAM-specific certifications

Responsibilities

  • Identity Security Architecture & Trust Frameworks: Define and evolve the enterprise identity security architecture and identity trust model.
  • Design identity architectures supporting workforce, external, privileged, and machine identities across hybrid and cloud environments.
  • Establish identity trust boundaries, authentication flows, and authorization models across enterprise systems.
  • Define enterprise identity policy enforcement models supporting Zero Trust access architectures.
  • Design identity federation architectures using SAML, OAuth2, OpenID Connect, and token-based identity frameworks.
  • Define identity trust relationships across enterprise identity providers, SaaS platforms, partner ecosystems, and external identity providers.
  • Establish identity session management, token security, and authentication lifecycle standards.
  • Define enterprise access control models including RBAC, ABAC, and policy-based authorization.
  • Design identity policy enforcement patterns using centralized policy engines and identity-aware access controls.
  • Define access policies supporting risk-based authentication and contextual access controls.
  • Design security architecture for non-human identities including service accounts, application identities, API credentials, and workload identities.
  • Define identity models supporting microservices, containers, APIs, and cloud-native workloads.
  • Reduce enterprise identity attack surface through automated identity lifecycle and least-privilege access controls.
  • Design identity architectures supporting multi-cloud environments, SaaS ecosystems, and modern application platforms.
  • Define architecture supporting B2B partner access and B2C external identity models.
  • Enable identity-driven access control across enterprise applications, APIs, and digital services.
  • Define architecture supporting identity threat detection and identity risk monitoring.
  • Integrate identity platforms with security operations monitoring and threat detection frameworks.
  • Design controls to detect and mitigate credential compromise, privilege escalation, and anomalous authentication activity.
  • Establish identity telemetry patterns enabling identity-based security analytics.
  • Define enterprise identity architecture standards, design principles, and technical reference patterns.
  • Lead architecture governance for IAM integrations across enterprise applications, cloud platforms, and infrastructure services.
  • Conduct architectural reviews of identity integrations and authentication models for new systems.
  • Provide technical guidance to engineering teams implementing IAM services and integrations.
  • Identity Innovation & Technology Strategy: Evaluate emerging identity technologies including passwordless authentication, identity threat detection, decentralized identity, and machine identity security.
  • Guide enterprise adoption of new identity capabilities aligned with security architecture strategy.
  • Contribute to the evolution of the enterprise identity technology roadmap.

Benefits

  • health insurance
  • wellness and family support programs
  • life and disability insurance
  • retirement savings plans
  • paid leave programs
  • education related programs
  • paid holidays and vacation time