REMOTE Lead Consultant - Identity Access Management

Job#: 2027459

Job Description:

Lead Consultant - Identity Access Management
The position:
Apex is searching for a skilled professional with excellent consultative abilities to assume the position of a Lead Consultant in Identity Services. This role will serve as a prominent Identity expert at Apex, collaborating with internal and client project teams to offer strategic direction, designing, implementing, and supporting our Identity solutions and governance processes for our client's Identity programs. The Lead Consultant will also provide technical support for Apex sales, solution management, and account teams during the scoping of new Identity opportunities.

Responsibilities:

• Lead end-to-end Identity projects, including requirement gathering, solution design, implementation, testing, and deployment using leading Identity platforms such as SailPoint, Saviynt, AWS Cognito, Okta, Ping Identity, CyberArk, HashiCorp, AzureAD etc.
• Define and implement comprehensive identity governance and administration processes, including access request, provisioning/de-provisioning, role management, access certification, and policy enforcement across various Identity platforms.
• Architect, design, and document solutions that align with industry best practices and address business needs.
• Work across customer and vendor teams to deliver Identity best practices for on-premises, edge, hybrid and cloud-based solutions.
• Conduct assessments of the clients existing Identity infrastructure, identify risks, growth opportunities and vulnerabilities, and recommend executable strategies.
• Create customer delivery documentation such as implementation and configuration documents, test plans and run books.
• Establish and provide metrics that provide visibility into the performance and efficiency of our customers Identity ecosystem.
• Establish and enforce Identity governance policies, standards, and procedures to ensure compliance with industry regulations.
• Collaborate with auditors and stakeholders during compliance audits to provide documentation and support.?
• Lead a team of Identity engineers, providing guidance, mentorship, and technical expertise.
• Collaborate with cross-functional teams, including security, IT operations, and application teams, to ensure seamless integration of Identity solutions.
• Foster a culture of innovation, collaboration, and continuous improvement within the Identity team.
• Maintain awareness of new and emerging trends and technologies in the Identity space, evaluate and recommend new Identity technologies, strategies, and enhancements.

Experience:

• 10+ years experience and expertise in leading enterprise wide Identity implementations around access governance, management of identities, attestation programs and identity policy management.
• Specific architecture experience with SailPoint IdentityNow specifically within SailPoint IdentityNow and Saviynt IGA.
• Experience implementing and configuring PAM tools such as CyberArk, HashiCorp, and Delinea.
• Experience Implementing MFA/SSO solutions, including using tools like PingID, Duo, Azure MFA, Okta, Google Authenticator, and/or RSA SecurID
• Leadership over Identity engineering, governance, and compliance teams
• Development of governance and technical documentation with consideration of security controls, best practices, compliance, and regulatory frameworks
• Collaborate with cross-functional teams to gather requirements, assess system impacts, and ensure successful Identity platform deployments.
• Experience with Identity services, APIs and frameworks in cloud environments such as Microsoft Azure, Amazon Web Services, or Google Cloud Platform
• Establish frameworks for periodic attestation schedules, policy controls and Separation of Duties (SoD)
• Experience in developing expiring access policies, and conforming business and technical role policies
• Develop top-down and bottom up roles (RBAC) for assignment of access, birthright and identity changes to manage access risk
• Experience managing a backlog and delivery team of technical and non-technical professionals
• Leadership experience and executive level communication and facilitation skills across technical and non-technical stakeholders
• Excellent written and verbal communications skills including demonstrated proficiency in clearly communicating technical concepts to non-technical audiences in business terminology
• Ability to maintain a high degree of professionalism in all client communications
• Ability to influence others, build relationships, and manage conflicts
• Highly motivated, consultative, problem solving mindset
• Brief management, as needed, on the status of action items and/or results of these activities

Technical Requirements:

• Bachelor's degree in Computer Science, Information Systems, or a related field.
• Relevant Identity tool certifications (SailPoint, Saviynt, CyberArk, Okta)
• Proven experience as an IAM Engineer, and hands-on experience with SailPoint, Saviynt including design, configuration, and customization of workflows, rules, and connectors.
• Deep understanding of Identity principles, concepts, and best practices, including access control, authentication, credential verification, machine identity, identity provisioning, etc.
• Background with design and implementation of Single Sign On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM) controls and platforms
• Strong knowledge of authentication technologies, standards, and protocols, such as SSO, OIDC, SAML, LDAP, OAuth, and SCIM.
• Experience working with cloud-based IAM tools and supporting infrastructure.
• Experience onboarding authoritative sources and applications through various methods (e.g., custom APIs, flat files, etc.).
• Hands-on experience with databases (such as Oracle, MSSQL, MySQL).
• Experience with programing languages with Java or BeanShell and PowerShell.
• Experience working with web technologies such as XML, SPML, Web Services (SOAP/REST), web and application servers.
• Strong problem-solving skills, ability to analyze complex issues, and implement effective solutions.
• Excellent communication and interpersonal skills, with the ability to collaborate with cross-functional teams and lead technical discussions.

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.