Role: IAM/RBAC Consultant
Location: Remote
Duration: 12 Months
Job description:
We are seeking an experienced Identity & Access Management (IAM) professional to lead a strategic research initiative focused on designing a scalable, least-privilege Role-Based Access Control (RBAC) model. This role is primarily research- and design-oriented, with deliverables intended to form the foundational framework for a future RBAC implementation, even if full realization may extend beyond 2026.
The successful candidate will gather access and privilege requirements across multiple disciplines and technology stacks, analyze current and legacy authentication models, and construct a flexible RBAC framework that can be consumed across diverse platforms and environments. This work will directly support improved onboarding, offboarding, and team migration processes within a large and complex organization.
Key Responsibilities
RBAC Research & Strategy
Lead a comprehensive research initiative to define a least-privilege RBAC model suitable for a large, multi-discipline organization.
Analyze existing access patterns, roles, and permissions across teams to identify commonalities, gaps, and risk areas.
Design an RBAC framework that is technology-agnostic, scalable, and adaptable to both modern and legacy systems.
Document findings, assumptions, constraints, and recommendations to support future implementation efforts.
Active Directory & Group Design
Define and propose an Active Directory (AD) group strategy that aligns with organizational teams, roles, and responsibilities.
Design role- and team-based AD group structures to enable efficient onboarding, offboarding, and internal team migrations.
Ensure AD group models support least-privilege access while remaining practical for operational use.
Collaborate with directory and infrastructure teams to validate feasibility and alignment with enterprise standards.
Cross-Technology & Legacy System Alignment
Assess a wide range of technology stacks, including systems that lack modern authentication or authorization capabilities.
Incorporate legacy, manual, or locally managed access models into the broader RBAC research framework.
Identify and document compensating controls or interim approaches for systems that cannot immediately support centralized RBAC.
Stakeholder Collaboration & Documentation
Partner with security, infrastructure, application, and business teams to gather access requirements and role definitions.
Facilitate workshops or interviews to understand real-world access needs and operational constraints.
Produce clear, consumable documentation, including:
RBAC conceptual models
Role and group definitions
Access mapping matrices
Implementation considerations and phased roadmap recommendations
Preferred Qualifications
Experience designing RBAC or IAM frameworks in large enterprises
Familiarity with onboarding/offboarding automation and identity lifecycle management
Exposure to modern IAM platforms (e.g., Azure AD, Entra ID, Okta, SailPoint)
Strong analytical and stakeholder facilitation skills