Security Architect - IAM

Security Architect - IAM

Remote Opportunity

Security Architect within the Identity and Access Management (IAM) team, you will integrate disruptive technologies, expand CFG's identity services, and enhance workforce security. This technical leadership role involves hands-on definition, implementation, review, and guidance of secure IAM architectures. You will partner with various teams (Business, Engineering, Security, Compliance, Risk) to deliver enterprise-level solutions, providing deep technical knowledge and architectural mentorship on complex projects.

Key Responsibilities

• Develop and design secure platform architectures aligned with enterprise standards.
• Review architectures and implementations for security standard adherence.
• Develop security standards, recommendations, and guidance.
• Evaluate, design, and test IAM technologies for secure, scalable, and cost-effective solutions.
• Guide IAM integration for new tools, including configuration and deployment.
• Perform security assessments across CFG business product lines.
• Participate in code and design reviews to ensure solutions meet enterprise IAM and security standards.
• Collaborate with application teams to guide secure product design.
• Collaborate with functional teams and leadership to align solutions with organizational goals.
• Contribute to technology direction and influence implementation for business improvements.
• Stay current with industry trends to advise CFG identity strategies and strengthen security posture.

Qualifications

Education, Certifications, and Professional Credentials

• Industry certifications such as CISSP, CISM, CCSP, AWS, Azure, or Google Cloud Platform are highly valued.

Experience

• 8+ years of Security Identity experience, with 5+ years as a Principal Architect.
• Experience designing security and identity solutions for 10,000+ headcount organizations.
• Extensive experience designing and implementing enterprise IAM solutions (identity lifecycle, access control, authentication, hybrid cloud security).
• Proven experience leading IAM modernization initiatives (Active Directory, Entra ID, SSO, MFA, PIM, Zero Trust).
• Experience with IAM tools like SailPoint, Okta, CyberArk, HashiCorp, Entra ID, and Active Directory (preferred).
• Strong knowledge of regulatory and compliance frameworks (GDPR, NIST, ISO 27001) and their application to enterprise identity (preferred).
• Familiarity with public cloud platforms (AWS, Entra, Google Cloud Platform) and CI/CD practices (preferred).
• Deep understanding of Zero Trust, SD-WAN, and SASE (preferred).

Skills

Mandatory Skills

• Estimation
• Application Security - Microfocus Fortify-SCA and SAST
• Application Security - Microfocus Fortify DAST
• Network PT
• Attack Surface Management
• Breach Attack Simulation
• Red Teaming
• Mobile Security - MAST Tool Implementation/ Dynamic Analysis (Penetration Testing)/ Static Analysis (Static Code Analysis)/ Remediation Advisory/ Tool Selection
• Architectural diagrams
• Application Security - Black Duck/ Sonartype IQ
• Application Security - Burp Suite
• Application Security - Checkmarx/ Synopsys / Veracode
• Application Security - Rapid 7 (InsightAppSec)
• Application Security (application security framework/ threat modelling/ Secure SDLC/ DevSecOps/Application Security Architecture Review)
• Application Security DAST & Penetration Testing - review/ Implementation/ Scanning/ Secure Code Review/ OWASP/ Remediation Advisor/ Secure SDLC
• Application Security SAST & SCA Tool - review/ Implementation/ Scanning/ Secure Code Review/ OWASP/ Remediation Advisory/ Secure SDLC
• Application Security SAST and IAST - CheckMarx
• Architecture Assessment
• Architecture Governance
• Capacity Planning
• Compliance Evaluation
• Cost Benefit Analysis Method
• Devsecops /Appsec Automation / Appsec Maturity Program
• DevSecOps automation - Jenkins, Ansible, Terraform, GitLab
• Infra Vulnerability Management - Qualys
• Infra Vulnerability Management - Rapid 7
• Infra Vulnerability Management - Tenable IO
• Infra Vulnerability Management - Tenable Nessus, SC, CS
• Infra Vulnerability management/Triaging/ Remediation Advisory / ServiceNow /ITSM /CMDB
• Metasploit
• Red Teaming - FireCompass
• BaS - Cymulate
• PT - Horizon3
• PT - VA/ Discovery/ Enumeration/ Reconnaissance/ Scanning/ Manual/ Exploitation/ Analysis/ Reporting/ Zero Day/ corrective action/ Strategy
• PT - Network PT/ Red Teaming (Internal and External)/ Attack surface management/ /Breach Attack Simulation/Mitre Attack - Discovery/ Enumeration/ Reconnaissance/ Scanning/ Manual/ Exploitation/ Analysis/ Reporting/ Zero Day/ corrective action/ Strategy
• Application Security - Microfocus Fortify

Thanks,

Saurabh Mishra | VBeyond Corporation

Direct Number

Note: VBeyond is fully committed to Diversity and Equal Employment Opportunity.