Cyber Architect |

Role: Cyber Architect Location: United States Remote work 1 Position JD Job Summary: We are seeking an experienced and forward-thinking Identity & Access Management (IAM) Architect to lead the design, implementation, and optimization of our enterprise IAM ecosystem. The ideal candidate brings deep expertise across IGA, Authentication/Access Management, and Privileged Access Management, combined with strong architectural vision, innovation mindset, and the ability to drive modern, scalable identity solutions across cloud and hybrid environments. This role requires hands-on technical leadership, strategic planning, and the ability to influence cross-functional teams to ensure a secure, user-friendly, and resilient identity posture.

Key Responsibilities

Identity Governance & Administration (IGA)

• Architect and implement enterprise IGA solutions using SailPoint or Saviynt along with Entra ID Identity Governance.
• Lead lifecycle management design: onboarding, provisioning, deprovisioning, access certification, and governance workflows.
• Develop RBAC/ABAC models, SoD rules, and governance frameworks.

Access Management (AM)

• Design and operationalize authentication and authorization services using Okta and Microsoft Entra ID.
• Drive modern authentication standards: OAuth 2.0, OIDC, SAML, Passwordless approaches, adaptive MFA, and conditional access.
• Implement Zero Trust-aligned identity architectures across cloud and on-premises applications.

Privileged Access Management (PAM)

• Architect and deploy CyberArk Privileged Access Security solutions including PSM, PIM, Vault, and EPM.
• Establish enterprise PAM strategy, secrets management, session monitoring, and least-privilege frameworks.

Cloud IAM (AWS/Azure)

• Design end-to-end Identity frameworks for AWS and Azure, including account structure, federation, IAM roles/policies, and workload identity strategies.
• Implement identity controls aligned with cloud security best practices (least privilege, conditional access, just-in-time access).

Architecture & Strategy

• Serve as the IAM expert and thought leader, driving innovative solutions to complex security and identity challenges.
• Develop IAM roadmaps, reference architectures, standards, and best practices.
• Lead architectural reviews, threat modeling, and integration strategies for enterprise applications and cloud services.
• Collaborate with security, engineering, compliance, and business teams to align IAM capabilities with organizational goals.

Required Skills & Qualifications

• U.S. Citizen (required).
• 10+ years overall experience in Identity & Access Management or related security domains.
• Expert level experience in:

o IGA: SailPoint or Saviynt, Entra ID Governance o AM: Okta, Entra ID, SSO, federation, MFA o PAM: CyberArk (PIM, PSM, Vault, EPM)

• Strong experience designing IAM architectures for Azure and AWS cloud platforms.
• Hands-on expertise with authentication protocols (SAML, OAuth, OIDC), directory services, and identity federation.
• Proven ability to design scalable, secure IAM integrations with SaaS, cloud, and on-prem applications.
• Strong analytical, problem-solving, and architectural design skills.
• Ability to communicate complex technical concepts to non-technical stakeholders.

Preferred Skills

• Experience with Zero Trust frameworks and modern identity security patterns.
• Familiarity with DevSecOps, CI/CD pipeline integrations, and identity automation.
• Knowledge of compliance frameworks such as SOX, HIPAA, NIST, ISO27001.
• Scripting skills in PowerShell, Python, or similar for automation.

Personal Attributes

• Thought leader with a passion for innovation and continuous improvement.
• Out-of-the-box thinker who brings creative, modern solutions to identity challenges.
• Quick learner with high adaptability to new technologies and dynamic environments.
• Strong can-do attitude, proactive mindset, and ownership-driven work style.
• Ability to work independently and collaboratively in a fast-paced environment.

Education & Certifications

• Bachelor's or master's degree in computer science, Information Security, or related field (preferred).
• Useful certifications (nice to have):

o Microsoft Identity (SC-300), Azure Architect, Okta Consultant/Professional o SailPoint or Saviynt certified engineer/architect o CyberArk Defender/Sentry/Guardian o CISSP, CCSP, or other security certifications. Apply tot his job Apply To this Job