Description

Job Title: IAM Architect

Location: Remote

Employment Type: 24-month Contract

Department: Cyber PAM & Identity & Access Management

Position Overview

We are seeking a highly experienced IAM Architect with a deep background in Identity & Access Management, Privileged Access Management (PAM), and enterprise-level identity modernization. The ideal candidate will have 10+ years of IAM experience, strong hands-on expertise with CyberArk, SailPoint, Azure Privileged Identity Management (PIM/Entra ID), and proven success leading migrations from on-premise identity solutions to modern cloud-based platforms.

This role will design, build, and optimize scalable identity architectures, enhance privileged access controls, implement secrets management, and support enterprise Zero Trust initiatives.

Key Responsibilities

Identity Architecture & Strategy

  • Lead the design and development of enterprise IAM architectures, frameworks, and technical roadmaps.
  • Architect end-to-end identity solutions across on-premises and cloud environments (Azure, hybrid).
  • Define IAM standards, policies, and governance aligned with Zero Trust and security best practices.
  • Drive the consolidation and modernization of legacy identity systems into cloud identity platforms.

Privileged Access & Secrets Management (PAM)

  • Design and implement privileged access solutions using CyberArk, Azure PIM/Entra ID, and other privileged identity tools.
  • Develop architecture for secrets management, credential vaulting, and session monitoring.
  • Ensure scalable, secure onboarding and lifecycle management of privileged accounts.
  • Build integrations for PAM controls across servers, databases, applications, and cloud services.

IAM Platform Engineering & Integration

  • Architect and implement IAM workflows using SailPoint IdentityIQ/IdentityNow.
  • Lead migrations from traditional on-prem IAM systems to CyberArk, SailPoint, and Microsoft Entra ID.
  • Integrate IAM and PAM services with cloud platforms, enterprise applications, and APIs.
  • Implement FIDO2 authentication, MFA, SSO, and federation standards.
  • Collaborate with infrastructure, cloud, and cybersecurity teams to operationalize IAM solutions.

Operations & Continuous Improvement

  • Provide technical leadership, mentorship, and best practices guidance for IAM engineers.
  • Conduct architecture reviews, risk assessments, and controls validation.
  • Optimize access controls, identity lifecycle automation, and compliance reporting.
  • Stay current with IAM trends, frameworks, and emerging technologies.

Required Qualifications

  • 10+ years of hands-on experience in Identity & Access Management, including architectural design.
  • Strong expertise with:
      • CyberArk (PAM, PSM, PVWA, CPM, Secrets Management)
      • SailPoint IdentityIQ/IdentityNow
      • Microsoft Entra ID / Azure AD / Azure PIM
      • FIDO2 authentication technologies
      • Secrets management and privileged identity platforms
  • Experience migrating from on-prem identity systems to cloud IAM/PAM platforms.
  • Proficiency in identity federation, SSO, MFA, OAuth, SAML, OIDC, SCIM, RBAC, ABAC.
  • Strong understanding of cloud security architecture (Azure preferred).
  • Experience designing IAM and PAM solutions for hybrid enterprise environments.
  • Excellent communication, stakeholder engagement, and technical documentation skills.

Preferred Qualifications

  • Professional certifications such as:
      • CyberArk Trustee / Defender / Sentry
      • SailPoint Certified Architect
      • Microsoft Entra ID / Azure Security Engineer / Identity Architect