Hiring W2 Candidates Only
Visa: Open To Any Visa Type With Valid Work Authorization In the USA
Job Summary
We are seeking an experienced Identity and Access Management (IAM) Architect to design, implement, and manage enterprise-level IAM solutions that ensure secure, compliant, and efficient access to systems and data. The ideal candidate will have deep knowledge of IAM technologies, authentication standards, and security governance practices across cloud and on-premise environments.
Key Responsibilities
Architect, design, and implement enterprise IAM solutions aligned with organizational security strategy and compliance requirements.
Develop and enforce IAM policies, standards, and best practices across the organization.
Design role-based access control (RBAC), attribute-based access control (ABAC), and privileged access management (PAM) frameworks.
Oversee the integration of IAM systems with cloud platforms (AWS, Azure, Google Cloud Platform), directory services (AD, LDAP), and SaaS applications.
Define and implement authentication and authorization mechanisms (OAuth 2.0, OpenID Connect, SAML, MFA).
Lead design and deployment of single sign-on (SSO) and identity federation solutions.
Collaborate with security, infrastructure, and application teams to ensure seamless and secure user access.
Develop and maintain identity lifecycle management processes: provisioning, de-provisioning, and certification.
Perform risk assessments, security audits, and compliance reviews related to IAM.
Stay up to date on IAM technologies, security threats, and regulatory frameworks (e.g., NIST, ISO 27001, GDPR).
Required Skills and Qualifications
Bachelor's or Master's degree in Computer Science, Information Security, or related field.
7+ years of experience in Identity and Access Management or Security Architecture roles.
Proven expertise with IAM platforms such as:
SailPoint, Okta, Ping Identity, CyberArk, Azure AD / Entra ID, ForgeRock, or IBM Security Identity Manager.
Strong understanding of authentication and authorization protocols: SAML 2.0, OAuth 2.0, OpenID Connect, LDAP, Kerberos.
Experience designing and implementing SSO, MFA, and federation across cloud and on-premise applications.
Deep understanding of Active Directory, Azure AD, and directory synchronization.
Experience with Privileged Access Management (PAM) tools (CyberArk, BeyondTrust, Thycotic).
Proficiency in IAM automation using PowerShell, Python, or REST APIs.
Familiarity with compliance standards (SOX, HIPAA, GDPR, NIST 800-53, ISO 27001).
Strong communication and documentation skills for architectural design and stakeholder engagement.
Preferred / Nice-to-Have Skills
Experience integrating IAM with cloud-native services (AWS IAM, Azure Entra ID, Google Cloud Platform Identity).
Knowledge of Zero Trust security models and IAM governance frameworks.
Hands-on experience with IGA (Identity Governance & Administration) platforms such as SailPoint IdentityIQ or Saviynt.
Understanding of Privileged Access Security and Just-in-Time (JIT) access principles.
Relevant certifications such as:
CISSP, CISM, Microsoft Certified: Identity and Access Administrator, Okta Certified Professional, or CyberArk Defender.
Exposure to DevSecOps pipelines and API-based IAM integration.