Senior IAM Architect

About The Position

Requirements

• 10+ years of experience in Identity & Access Management (IAM)
• 5+ years of hands-on experience with SailPoint IdentityNow / IdentityIQ
• Proven experience in large-scale IAM transformation programs
• Experience in Financial Services deployments (mandatory)
• SailPoint Certified IdentityNow Engineer (mandatory) with preferred certifications including CISSP, CISM, TOGAF, and cloud credentials across AWS, Azure, or OCI.
• Strong expertise in Identity Governance & Administration (IGA), RBAC/ABAC models, and end-to-end identity lifecycle management.
• Proficient in APIs (REST, SCIM), directory services (AD, LDAP, Entra ID), and familiar with PAM, SIEM/SOAR integrations, and cloud IAM frameworks.
• Solid understanding of financial regulatory requirements, audit frameworks, control validation, and identity risk and compliance metrics.

Nice To Haves

• Experience with leading IGA tools (Saviynt, Oracle IAM, Okta), exposure to Zero Trust architecture, and familiarity with automation, AI-driven IAM, and identity analytics.
• Strong analytical thinking, executive communication capability, strategic mindset with execution focus, and ability to perform in complex, high-pressure environments.

Responsibilities

• Designing Enterprise IAM Architecture using SailPoint IdentityNow and leading IGA platforms, aligned to Zero Trust, Hybrid IAM (Cloud + On-Prem), and scalable identity governance models driving IAM transformation.
• As a SailPoint IdentityNow SME, implementing JML (Joiner-Mover-Leaver) workflows, Access Certifications, Policy-Based Access Controls, and developing connectors, ensuring platform optimization and performance tuning.
• Identity Lifecycle Management, including automated provisioning/deprovisioning, integration with HR systems, AD/LDAP, and enabling real-time access governance.
• RBAC design, role mining and engineering, defining business and IT roles, managing entitlements, enforcing least privilege, and implementing SoD (Segregation of Duties) frameworks.
• Connector architecture and integration, including API-based integrations (REST/SCIM) across AWS, Azure, OCI, enterprise applications (ERP/CRM), and directories (AD/LDAP/Entra ID).
• Aligning IAM with regulatory frameworks such as FINRA, SEC, and SOC 2, along with NIST, ISO 27001, ensuring audit readiness and compliance reporting.
• IAM migration and transformation, including legacy to SailPoint transitions, cloud IAM transformation, data mapping, entitlement reconciliation, and migration roadmap execution with risk mitigation.
• Financial/Wealth Management IAM environments, supporting regulatory compliance, trading systems, payment platforms, and ensuring customer data security and auditability.
• Integrating IAM with SIEM, SOAR, and PAM, enabling ITDR (Identity Threat Detection & Response) and risk-based access controls using contextual signals.
• IAM leadership, engaging with CISO/CIO stakeholders, driving solution architecture, enabling cross-functional collaboration, and mentoring teams.