Role: IAM Architect
Location: Santa Clara, California - Onsite
Client: TCS
Job Description: IAM Architect
Position Overview
We are seeking an experienced Identity and Access Management (IAM) Architect with a proven track record of designing and implementing robust IAM solutions. The ideal candidate will have 10+ years of experience specializing in SailPoint Identity Governance and Administration (IGA) and Ping Identity Multi-Factor Authentication (MFA) solutions. Additional expertise in Azure IAM is highly desirable. This role will be responsible for architecting, deploying, and optimizing enterprise-scale IAM systems to ensure secure and efficient identity management across the organization.
Key Responsibilities
Solution Design: Architect and implement comprehensive IAM solutions using SailPoint IGA and Ping Identity MFA to meet business and security requirements.
Identity Governance: Design workflows, policies, and role-based access controls (RBAC) within SailPoint to ensure compliance with regulatory standards (e.g., GDPR, SOX).
Multi-Factor Authentication: Lead the deployment and configuration of Ping Identity MFA solutions to enhance security for user authentication across applications.
Integration: Integrate IAM solutions with enterprise systems, including cloud platforms (Azure, AWS), on-premises infrastructure, and third-party applications.
Azure IAM (Preferred): Leverage Azure Identity Governance, Azure AD, and related tools to design and manage identity solutions in hybrid and cloud-native environments.
Collaboration: Work with cross-functional teams, including security, DevOps, and application development, to align IAM strategies with organizational goals.
Compliance and Auditing: Ensure IAM solutions meet audit and compliance requirements by implementing monitoring, reporting, and access certification processes.
Optimization: Continuously evaluate and improve IAM architectures to enhance performance, scalability, and user experience.
Mentorship: Provide technical guidance and mentorship to junior IAM engineers and administrators.
Documentation: Create and maintain detailed architecture diagrams, technical documentation, and standard operating procedures for IAM systems.
Required Qualifications
Experience: Minimum of 10 years of hands-on experience in IAM solution design and implementation.
SailPoint Expertise: Deep knowledge of SailPoint IdentityIQ or SailPoint IdentityNow, including provisioning, access certification, and lifecycle management.
Ping Identity Expertise: Extensive experience designing and deploying Ping Identity MFA solutions, including PingFederate and PingOne.
Technical Skills:
  - Proficiency in IAM protocols (SAML, OAuth, OpenID Connect, SCIM).
  - Experience with directory services (LDAP, Active Directory).
  - Familiarity with scripting languages (e.g., PowerShell, Python) for automation.
Security Knowledge: Strong understanding of cybersecurity principles, including zero trust, least privilege, and encryption standards.
Problem-Solving: Proven ability to troubleshoot complex IAM issues and provide innovative solutions.
Communication: Excellent verbal and written communication skills to interact with technical and non-technical stakeholders.
Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
Preferred Qualifications
Azure IAM Experience: Hands-on experience with Azure Active Directory, Azure AD B2C, Conditional Access, and Identity Governance.
Certifications: Relevant certifications such as SailPoint Certified IdentityIQ Engineer, Ping Identity Certified Professional, CISSP, or Microsoft Certified: Identity and Access Administrator Associate.
Cloud Expertise: Experience integrating IAM solutions with other cloud platforms (AWS, Google Cloud).
DevSecOps: Familiarity with integrating IAM into CI/CD pipelines and DevSecOps practices.