IAM Architect - Full Time

Overview

On Site
Full Time

Skills

Pega
IAM

Job Details

Role: IAM Architect
Location: Chaska, MN (100% onsite)
Hire type: FTE

Preferred Qualifications

  • Experience with supplier/vendor IAM federation in complex semiconductor supply chains.
  • Background in IT/OT convergence security for smart factories and Industry 4.0 initiatives.
  • Knowledge of chip design workflows, engineering collaboration platforms, and secure IP vaults.
  • Relevant certifications: CISSP, CCSP, Microsoft Identity & Access, Okta Certified, ISA/IEC 62443 Cybersecurity Expert.

Required Skills & Experience

  • 8+ years of IAM experience, with at least 3 years in a strategic architecture role for a manufacturing or semiconductor enterprise.
  • Proven ability to secure both IT and OT environments in global industrial operations.
  • Expertise in IAM platforms (Okta, SailPoint, Ping, ForgeRock), PAM solutions (CyberArk, BeyondTrust), directory services & federation (LDAP, SAML, OAuth2, OpenID Connect, SCIM), and Zero Trust IAM architecture for hybrid cloud & on-premises.
  • Deep understanding of semiconductor industry workflows, including EDA tools and IP lifecycle management.
  • Familiarity with industrial control system (ICS) security, OT protocols, and factory automation networks.
  • Strong knowledge of export control regulations (ITAR/EAR), IP protection strategies, and global data privacy compliance.

Key Responsibilities

  1. Semiconductor IP Protection
  • Implement least privilege access to safeguard sensitive chip design files, EDA tools, and proprietary engineering data.
  • Architect IAM for engineering design workflows, integrating with EDA tools (Cadence, Synopsys, Mentor Graphics).
  • Ensure strict segregation of duties and data residency controls to comply with export controls (ITAR/EAR) and regional IP protection laws.
  • Develop federated identity and access models for secure collaboration with external R&D partners, foundries, and design houses.

  2. Factory OT Security & Operational Continuity
  • Design IAM solutions for Operational Technology (OT) environments, including MES, SCADA/PLC systems, and factory automation equipment.
  • Extend Zero Trust principles to the shop floor, securing remote vendor access for equipment maintenance without compromising uptime.
  • Integrate IAM with Industrial Control Systems (ICS), considering legacy equipment with limited native authentication capabilities.
  • Work with OT security teams to segment access between IT and OT networks, minimizing lateral movement risks in factories.
  3. Global IAM Strategy & Governance
  • Define the enterprise IAM roadmap for all global sites, aligning with manufacturing, R&D, and supply chain security requirements.
  • Standardize access provisioning workflows across factories, design centers, suppliers, and regional offices.
  • Develop role-based (RBAC) and attribute-based (ABAC) access models that address the needs of factory operators, R&D engineers, external contractors and vendors, and supply chain partners.
  4. Cloud & Hybrid IAM
  • Architect secure access to cloud-hosted semiconductor design environments and collaboration tools.
  • Integrate IAM for multi-cloud environments (Azure, AWS, Google Cloud Platform) supporting global engineering teams.
  • Enable secure identity federation for supply chain and ecosystem partners.
  5. Risk Management & Compliance
  • Ensure IAM policies meet semiconductor industry compliance standards, including NIST 800-53, IEC 62443 (OT security), ISO 27001, and export control regulations (ITAR/EAR).
  • Lead access certification campaigns and automate identity lifecycle management for employees, contractors, and vendors worldwide.
  • Provide IAM audit readiness for IP protection, export compliance, and global data privacy regulations (GDPR, local DPAs).
  6. Technology Enablement & Integration
  • Lead the evaluation, deployment, and integration of enterprise IAM platforms (SailPoint, ForgeRock, Okta, Ping Identity) and Privileged Access Management (PAM) solutions (CyberArk, BeyondTrust).
  • Automate joiner-mover-leaver (JML) processes across IT, OT, and cloud environments.
  • Work closely with IT, OT, and cybersecurity teams to ensure high availability and minimal disruption in production environments.


About NeoTech Solutions