Job Description
Role Overview
The IAM Architect will lead the design, implementation, and optimization of enterprise identity and access solutions, ensuring seamless integration across cloud, SaaS, and on-prem systems. This role will focus on Entra ID (Azure AD), Entra B2C, SAP, and Workday integrations, balancing security, user experience, and operational efficiency.
This is a hands-on technical leadership role, working closely with security engineers, infrastructure teams, and business application owners to drive a modern IAM strategy.
Key Responsibilities
Identity & Access Architecture
• Design and implement a scalable IAM architecture utilizing Microsoft Entra ID, Entra B2C, and other identity platforms.
• Lead integration efforts across SAP, Workday, SaaS applications, and custom-built platforms.
• Define IAM governance models, including role-based access control (RBAC), attribute-based access control (ABAC), and just-in-time (JIT) access.
• Support the adoption of zero-trust identity principles, including MFA, conditional access, and passwordless authentication.
Identity Lifecycle & Automation
• Architect identity lifecycle management solutions, automating provisioning/deprovisioning across HR, IT, and security systems.
• Implement Identity Governance & Administration (IGA) best practices, ensuring least privilege access and role alignment.
• Develop custom integrations and automation scripts (PowerShell, Python, API-based solutions) to enhance IAM workflows.
• Collaborate with HR (Workday) and ERP (SAP) teams to synchronize identity management with workforce operations.
Security & Compliance
• Ensure regulatory compliance (GDPR, SOC 2, ISO 27001) by aligning IAM controls with security frameworks.
• Design and enforce privileged access management (PAM) solutions, securing admin accounts and critical systems.
• Support security audits and identity risk assessments, addressing access anomalies and reducing attack surfaces.
• Enhance identity threat detection and response capabilities in collaboration with SOC and SIEM teams.
Required Skills & Experience
• 6+ years of hands-on IAM experience, with at least 2 years in an architect or senior engineering role.
• Expertise in Entra ID (Azure AD), Entra B2C, and IAM-related Microsoft security tools.
• Experience integrating IAM with SAP, Workday, and other enterprise applications.
• Deep knowledge of SAML, OAuth, OpenID Connect, SCIM, and federation protocols.
• Hands-on experience with identity automation, PowerShell scripting, and API-based integrations.
• Strong understanding of zero-trust architecture, privileged access management (PAM), and adaptive authentication.
• Ability to collaborate with IT, HR, DevOps, and security teams to align identity solutions with business needs.
Preferred Qualifications
• Certifications such as Microsoft Certified: Identity and Access Administrator, CISSP, GIAC-GIAM, or Okta Certified Architect.
• Experience with Azure AD Conditional Access, Defender for Identity, and Entra Permissions Management.
• Knowledge of Identity Governance and Administration (IGA) platforms like SailPoint or Saviynt.
• Familiarity with DevOps and cloud security best practices in AWS/Azure environments.