IAM (Identity and Access Management) Architect

Position: IAM (Identity and Access Management) Architect Location: Plano Tx (Onsite) Experience: 13+ Years W2

• Roles and Responsibilities
  Define and architect enterprise-level IAM solutions aligned with security and compliance requirements.
  Develop scalable and secure IAM frameworks across hybrid or multi-cloud environments.
  Lead implementation of IAM tools like Okta, Azure AD, ForgeRock, Ping Identity, SailPoint, CyberArk, etc.
  Integrate identity services with applications, APIs, and third-party systems.
  Establish role-based access control (RBAC), attribute-based access control (ABAC), and least-privilege models.
  Define policies for identity lifecycle management (provisioning, de-provisioning, recertification).
  Design and implement secure authentication (SSO, MFA, passwordless, biometric).
  Configure authorization mechanisms, API security, and OAuth 2.0/OpenID Connect/SAML protocols.
  Manage directory services (e.g., LDAP, Active Directory) and integrate with federated identity providers.
  Ensure IAM designs comply with industry standards (HIPAA, GDPR, SOX, ISO 27001).
  Collaborate with GRC and InfoSec teams to perform audits and support risk management.
  Monitor IAM logs, alerts, and access anomalies using SIEM tools.
  Drive response to identity-related incidents or breaches.
  Automate identity workflows (using tools like Terraform, Ansible, or custom scripts).
  Integrate IAM processes into CI/CD pipelines and DevOps workflows.
  Collaborate with business units, application owners, and leadership to understand requirements.
  Build IAM roadmap, conduct workshops, and lead proof-of-concepts (PoCs).
  Mentor junior IAM engineers and developers.
  Define IAM best practices, templates, and reusable patterns.