Identity Access Management Architect
Job Description
Role Overview
The IAM Architect will lead the design, implementation, and optimization of enterprise identity and access solutions, ensuring seamless integration across cloud, SaaS, and on-prem systems. This role will focus on Entra ID (Azure AD), Entra B2C, SAP, and Workday integrations, balancing security, user experience, and operational efficiency.
This is a hands-on technical leadership role, working closely with security engineers, infrastructure teams, and business application owners to drive a modern IAM strategy.
Key Responsibilities
Identity & Access Architecture
• Design and implement a scalable IAM architecture utilizing Microsoft Entra ID, Entra B2C, and other identity platforms.
• Lead integration efforts across SAP, Workday, SaaS applications, and custom-built platforms.
• Define IAM governance models, including role-based access control (RBAC), attribute-based access control (ABAC), and just-in-time (JIT) access.
• Support the adoption of zero-trust identity principles, including MFA, conditional access, and passwordless authentication.
Identity Lifecycle & Automation
• Architect identity lifecycle management solutions, automating provisioning/deprovisioning across HR, IT, and security systems.
• Implement Identity Governance & Administration (IGA) best practices, ensuring least privilege access and role alignment.
• Develop custom integrations and automation scripts (PowerShell, Python, API-based solutions) to enhance IAM workflows.
• Collaborate with HR (Workday) and ERP (SAP) teams to synchronize identity management with workforce operations.
Security & Compliance
• Ensure regulatory compliance (GDPR, SOC 2, ISO 27001) by aligning IAM controls with security frameworks.
• Design and enforce privileged access management (PAM) solutions, securing admin accounts and critical systems.
• Support security audits and identity risk assessments, addressing access anomalies and reducing attack surfaces.
• Enhance identity threat detection and response capabilities in collaboration with SOC and SIEM teams.
Required Skills & Experience
• 6+ years of hands-on IAM experience, with at least 2 years in an architect or senior engineering role.
• Expertise in Entra ID (Azure AD), Entra B2C, and IAM-related Microsoft security tools.
• Experience integrating IAM with SAP, Workday, and other enterprise applications.
• Deep knowledge of SAML, OAuth, OpenID Connect, SCIM, and federation protocols.
• Hands-on experience with identity automation, PowerShell scripting, and API-based integrations.
• Strong understanding of zero-trust architecture, privileged access management (PAM), and adaptive authentication.
• Ability to collaborate with IT, HR, DevOps, and security teams to align identity solutions with business needs.
Preferred Qualifications
• Certifications such as Microsoft Certified: Identity and Access Administrator, CISSP, GIAC-GIAM, or Okta Certified Architect.
• Experience with Azure AD Conditional Access, Defender for Identity, and Entra Permissions Management.
• Knowledge of Identity Governance and Administration (IGA) platforms like SailPoint or Saviynt.
• Familiarity with DevOps and cloud security best practices in AWS/Azure environments.
Apply tot his job
Apply To this Job