Title: IAM Architect
Locations: Fort Mill, SC (outside of Charlotte, NC) / Austin, TX / San Diego, CA - 3x hybrid, contract only, on W2
Notes:
- IAM Architect
- Tech: Ping & Entra are most important
- Ideally has Merger & Acquisition experience but can flex if someone has heavy consolidation/migration experience on resume
Full job description (lengthy):
- We are seeking an experienced Identity and Access Management (IAM) Architect to lead the design, implementation, and integration of IAM solutions as part of a merger and acquisition (M&A) activity for a wealth management firm.
- The ideal candidate will have expertise in Microsoft Entra ID (Azure AD), SailPoint IdentityIQ (IIQ), SailPoint Identity Security Cloud (ISC), PingOne Advanced Identity Cloud (AIC), CyberArk, Auth0, CoreView, and Directory Services.
- This role will focus on discovery, design, and implementation of IAM solutions for the new organization, ensuring seamless integration of systems, secure access, and compliance with industry standards.
- The IAM Architect will play a critical role in designing and implementing SSO, MFA, and federation solutions (SAML, OAuth, OIDC) to enable secure and efficient access for users during the conversion process.
- Additionally, the role will involve early access federation for the acquired organization during the transition and the development of a comprehensive IAM strategy for the new organization.
- The IAM Architect will partner with engineering, security, infrastructure, and application teams to define and implement identity solutions that support business and security objectives.
________________________________________
Key Responsibilities
1. Discovery and Assessment:
o Conduct a detailed discovery of the acquired organization's IAM infrastructure, including Entra ID tenants, directory services, and existing IAM tools.
o Assess the current state of SSO, MFA, and federation implementations (SAML, OAuth, OIDC) in both organizations.
o Identify gaps, risks, and opportunities for improvement in the IAM landscape.
2. Design and Architecture:
o Design a comprehensive IAM architecture for the new organization, ensuring alignment with business goals, security requirements, and compliance standards.
o Develop a federation strategy to enable early access for the acquired organization during the conversion process.
o Architect solutions for SSO, MFA, and federation to ensure seamless access for users across systems and applications.
o Design and implement Entra ID tenant consolidation or coexistence strategies for the new organization.
3. Implementation and Integration:
o Lead the integration of IAM platforms, including Entra ID, SailPoint IIQ, SailPoint Identity Security Cloud (ISC), PingOne AIC, CyberArk, Delinea, Auth0, CoreView, and Directory Services.
o Implement SSO and MFA solutions for secure access to applications and systems.
o Configure and manage federation protocols (SAML, OAuth, OIDC) to enable secure authentication and authorization across organizations.
o Collaborate with IT and security teams to ensure smooth migration and integration of IAM systems.
4. Conversion Planning and Execution:
o Develop a conversion strategy for migrating users, roles, and access policies from the acquired organization to the new IAM environment.
o Ensure minimal disruption to business operations during the conversion process.
o Provide technical leadership and guidance during the migration of Entra ID tenants and other IAM components.
5. Documentation and Communication:
o Update and maintain IAM documentation to reflect the new architecture, processes, and policies.
o Create detailed design documents, runbooks, and operational guides for the new IAM environment.
o Communicate progress, risks, and challenges to stakeholders and leadership.
6. Compliance and Security:
o Ensure the IAM solution complies with industry regulations (e.g., FINRA, SEC, GDPR).
o Implement robust security measures to protect sensitive data and prevent unauthorized access.
7. Collaboration and Stakeholder Management:
o Work closely with IT, security, and business teams to gather requirements and ensure alignment with organizational goals.
o Act as the IAM subject matter expert (SME) during the M&A process, providing guidance on best practices and industry standards.
________________________________________
Required Skills & Qualifications
10+ years of experience in Identity & Access Management or security architecture roles.
Proven experience in IAM discovery, design and integration during mergers and acquisitions.
Experience with tenant consolidation and cross-organization federation for early access during M&A activities.
Strong experience with Microsoft Entra ID (Azure AD), including tenant management, conditional access, and MFA.
Hands-on experience with SailPoint IdentityIQ (IIQ) and SailPoint Identity Security Cloud (ISC) for identity governance and administration (IGA).
Expertise in PingOne Advanced Identity Cloud (AIC) and Auth0 for SSO, federation, and customer identity and access management (CIAM).
Knowledge of CyberArk or Delinea for privileged access management (PAM).
Proficiency in CoreView for Microsoft 365 management and governance.
Expertise in federation protocols such as SAML, OAuth, and OIDC.
Strong understanding of Directory Services (e.g., Active Directory, LDAP).
Experience designing cloud-native identity architectures across multi-cloud environments.
Ability to translate business and security requirements into scalable technical designs.
Strong communication, documentation, and stakeholder engagement skills.
________________________________________
Preferred Qualifications
Familiarity with cloud migration strategies and hybrid IAM environments.
Certifications such as CISSP, CCSP, or vendor certifications in SailPoint, Microsoft Entra, or similar.
Experience with zero trust access models and identity threat detection.
________________________________________
Success Measures
Delivery of high-quality identity architectures that improve security posture and operational efficiency.
Reduction in identity-related risk through improved controls, lifecycle automation, and governance.
Successful implementation of IAM solutions aligned to blueprint and strategy.
Strong partnership with engineering, security, and business teams to drive identity modernization.