Domain Architect III (Workforce Access Management Lead - IAM)

Overview

Remote
Depends on Experience
Contract - W2
Contract - 12 Month(s)

Skills

IAM
SSO
FIDO2
Windows Hello
biometrics
Stakeholder
Oracle Access Manager
PowerShell
Python
Microsoft Entra
MFA
DUO
Okta
Ping
Microsoft Authenticator

Job Details

We are seeking a highly skilled and hands-on Workforce Access Management Lead to drive the modernization of our enterprise access strategy. This role will be instrumental in transitioning from legacy identity platforms to modern, cloud-based solutions like Microsoft Entra, with a strong focus on passwordless authentication, SSO, and risk-based MFA for a diverse workforce including employees, retirees, and partners.

This is a technical leadership role requiring deep expertise in workforce identity, authentication technologies, and enterprise-scale implementation. You will collaborate closely with security, infrastructure, and application teams to design and execute a secure, scalable, and user-friendly access management roadmap.


Key Responsibilities

  • Lead the analysis and migration of authentication services from Oracle Access Manager to Microsoft Entra
  • Design and implement SSO and MFA solutions across a complex enterprise environment
  • Develop and execute a passwordless authentication strategy using FIDO2, biometrics, and Microsoft Authenticator
  • Implement risk-based and adaptive authentication policies to enhance security posture
  • Conduct a comprehensive directory and application inventory to assess migration readiness
  • Collaborate with stakeholders to define the future state architecture and create a phased modernization roadmap
  • Automate identity and access processes using scripting tools (e.g., PowerShell, Python)
  • Evaluate and integrate with other identity providers (DUO, Okta, Ping) as needed
  • Ensure secure access for all workforce personas: employees, retirees, and external partners
  • Provide technical leadership and mentorship to junior engineers and cross-functional teams


Required Qualifications

  • 7-8+ years of hands-on experience in enterprise identity and access management
  • Proven experience implementing SSO and MFA at scale in large enterprise environments
  • Deep understanding of workforce access management (not IAM lifecycle or PAM)
  • Strong knowledge of Microsoft Entra, Azure AD, and Conditional Access
  • Experience with risk-based and adaptive authentication
  • Proficiency in automation and scripting (PowerShell, Python, etc.)
  • Familiarity with legacy systems (e.g., Oracle Access Manager) and cloud migration strategies
  • Experience with passwordless technologies (FIDO2, Windows Hello, biometrics)
  • Excellent communication and stakeholder engagement skills
