Identity Access Management Architect

Remote Full-time
Job Description

Role Overview

The IAM Architect will lead the design, implementation, and optimization of enterprise identity and access solutions, ensuring seamless integration across cloud, SaaS, and on-prem systems. This role will focus on Entra ID (Azure AD), Entra B2C, SAP, and Workday integrations, balancing security, user experience, and operational efficiency. This is a hands-on technical leadership role, working closely with security engineers, infrastructure teams, and business application owners to drive a modern IAM strategy.

Key Responsibilities

Identity & Access Architecture
• Design and implement a scalable IAM architecture utilizing Microsoft Entra ID, Entra B2C, and other identity platforms.
• Lead integration efforts across SAP, Workday, SaaS applications, and custom-built platforms.
• Define IAM governance models, including role-based access control (RBAC), attribute-based access control (ABAC), and just-in-time (JIT) access.
• Support the adoption of zero-trust identity principles, including MFA, conditional access, and passwordless authentication.

Identity Lifecycle & Automation
• Architect identity lifecycle management solutions, automating provisioning/deprovisioning across HR, IT, and security systems.
• Implement Identity Governance & Administration (IGA) best practices, ensuring least privilege access and role alignment.
• Develop custom integrations and automation scripts (PowerShell, Python, API-based solutions) to enhance IAM workflows.
• Collaborate with HR (Workday) and ERP (SAP) teams to synchronize identity management with workforce operations.

Security & Compliance
• Ensure regulatory compliance (GDPR, SOC 2, ISO 27001) by aligning IAM controls with security frameworks.
• Design and enforce privileged access management (PAM) solutions, securing admin accounts and critical systems.
• Support security audits and identity risk assessments, addressing access anomalies and reducing attack surfaces.
• Enhance identity threat detection and response capabilities in collaboration with SOC and SIEM teams.

Required Skills & Experience
• 6+ years of hands-on IAM experience, with at least 2 years in an architect or senior engineering role.
• Expertise in Entra ID (Azure AD), Entra B2C, and IAM-related Microsoft security tools.
• Experience integrating IAM with SAP, Workday, and other enterprise applications.
• Deep knowledge of SAML, OAuth, OpenID Connect, SCIM, and federation protocols.
• Hands-on experience with identity automation, PowerShell scripting, and API-based integrations.
• Strong understanding of zero-trust architecture, privileged access management (PAM), and adaptive authentication.
• Ability to collaborate with IT, HR, DevOps, and security teams to align identity solutions with business needs.

Preferred Qualifications
• Certifications such as Microsoft Certified: Identity and Access Administrator, CISSP, GIAC-GIAM, or Okta Certified Architect.
• Experience with Azure AD Conditional Access, Defender for Identity, and Entra Permissions Management.
• Knowledge of Identity Governance and Administration (IGA) platforms like SailPoint or Saviynt.
• Familiarity with DevOps and cloud security best practices in AWS/Azure environments.