We are seeking a highly skilled Senior IAM Security Architect to join our information security architecture team. This role requires deep expertise in the design, implementation, and management of IAM security controls, with a focus on identity protection across cloud environments. The ideal candidate will have a strong background in AWS, Azure, and Entra ID, and possess at least 7 years of experience in IAM-related security risk assessment and threat modeling.
The Senior IAM Security Architect will be responsible for ensuring the secure and efficient management of user & non-human identities, access controls, and security policies within the organization. This role will also focus on establishing a Zero Trust identity posture, implementing behavioral risk assessments, and driving automation for identity security. Expertise in Single Sign-On (SSO), Multi-Factor Authentication (MFA), and modern authentication protocols is essential.
HOW YOU'LL CONTRIBUTE
• Participate in design of secure IAM architectures across multiple platforms (AWS, Azure, Entra ID), ensuring all components align with best practices and organizational security requirements.
• Develop security controls for IAM, including user authentication, authorization, role management, identity federation, and privilege management across cloud and hybrid environments.
• Establish and maintain a Zero Trust security model for IAM, ensuring that all access requests are continuously verified, regardless of location or network.
• Integrate Zero Trust principles with cloud-native security tools and IAM platforms (e.g., AWS, Azure, Entra ID) to ensure seamless, secure, and dynamic access control.
• Automate risk-based access controls and adaptive authentication based on behavioral signals, ensuring a dynamic response to security events.
• Establish and enforce least privilege access principles for all roles across cloud and on-prem environments, ensuring users only have the minimal access necessary to perform their job functions.
• Design and implement Just-in-Time (JIT) access control mechanisms to dynamically grant access based on user needs, significantly reducing standing permission sets.
• Design SSO solutions that provide seamless and secure access to enterprise applications, ensuring a frictionless user experience while maintaining high security standards.
• Lead the adoption of modern authentication protocols (e.g., OAuth 2.0, OpenID Connect, SAML) for secure, scalable, and standardized access management across applications and systems.
• Implement and manage MFA solutions to enhance authentication security, applying risk-based policies to ensure strong protection for sensitive data and critical resources.
• Develop and integrate IAM security controls with cloud platforms such as AWS, Azure, and Entra ID, ensuring secure access management across both public and hybrid cloud environments.
• Work closely with cloud engineers and architects to align IAM security protocols with cloud service provider best practices, while ensuring compliance with industry standards.
• Leverage native security features of cloud platforms (e.g., AWS IAM, Azure AD, Entra ID) to design scalable, secure, and automated IAM solutions.
• Lead the migration process from Hybrid Active Directory to Entra ID-based authentication to ensure minimal disruption and proper synchronization and federation across systems.
• Develop and maintain security governance frameworks for IAM, focusing on identity lifecycle management, role-based access control (RBAC), user provisioning, deprovisioning, and enforcement of least privilege.
• Ensure proper identity governance and access reviews are conducted regularly, documenting changes and exceptions as part of compliance audits.
• Collaborate with cross-functional teams, including application security, network security, infrastructure, and DevOps, to integrate IAM security best practices across systems and services.
• Stay up to date on the latest IAM trends, security threats, and technology advancements to continuously improve IAM practices and solutions.
• Implement security automation tools and workflows to improve efficiency and reduce manual efforts in identity management and access control.
WHAT YOU'LL BRING
• Bachelor’s degree in Computer Science, Information Security, or related field.
• Preferred: Certified Information Systems Security Professional (CISSP), Certified Identity and Access Manager (CIAM), or other relevant IAM/security certification.
• 9+ years of experience in IAM security, including at least 6 years of experience in IAM risk assessment, threat modeling, and security control design.
• Proven expertise in implementing and securing IAM solutions in cloud environments such as AWS, Azure, and Entra ID.
• In-depth knowledge of IAM security best practices, identity governance, and access management policies.
• Experience with IAM protocols such as SSO, MFA, OAuth, SAML, OpenID Connect, and identity federation.
• Hands-on experience in conducting security risk assessments and threat modeling for IAM systems.
• Demonstrated experience in establishing least privilege access and implementing Just-in-Time (JIT) access controls across cloud and on-premises environments.
• Expertise in implementing and managing a Zero Trust security posture for IAM, with hands-on experience in identity validation, continuous authentication, and risk-based access controls.
• Strong expertise with IAM platforms such as Microsoft Entra ID (Azure AD), AWS IAM, and Azure Active Directory.
• Experience with cloud security, integrating IAM systems with AWS, Azure, and hybrid environments.
• Strong understanding of IAM security controls, including role-based access control (RBAC), attribute-based access control (ABAC), policy enforcement, and Just-in-Time (JIT) provisioning.
• Experience in implementing and managing SSO and MFA, with expertise in modern authentication protocols such as OAuth 2.0, OpenID Connect, and SAML.
Qualifications
• Bachelor’s in computer science/information technology
• Any Degree / certification in Cyber / Information Security, Forensics, Analytics or equivalent
• Total Experience: 15+ years.