Identity and Access Management (IAM) Architect

Job Description

SUMMARY: The Enterprise IAM Solutions Architect's primary role is to administer, implement, and support identity governance & access technologies at Stride. This role will design, build, and improve systems that keep workforce & privileged identities secure using both cloud native and traditional approaches. You will work closely with other IT professionals, including system engineers and security specialists, to ensure seamless integrations into the overall IT infrastructure. You will troubleshoot IAM and IGA issues, develop creative solutions, and implement IGA and IAM controls, supporting IT IAM Controls testing (SOX and non-SOX). You will also create detailed technical documentation and architectural diagrams to support IAM and PAM initiatives.

To be successful in this role, you should have extensive experience in IAM, IGA, and PAM technologies, along with strong project management skills to lead and coordinate projects across multiple teams and stakeholders. Excellent communication and interpersonal skills are essential, as you will work closely with stakeholders at all levels of the organization to develop and implement IAM solutions. A solid understanding of IT governance frameworks and compliance with relevant regulations and standards is also crucial.

ESSENTIAL FUNCTIONS: Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties.

• Design, implement, and maintain Stride's Identity Governance, Management, and Privileged Access Management technologies
• Enforce company policies and procedures related to IAM, IGA, and PAM
• Work with other IT team members to ensure seamless integrations into the overall IT infrastructure
• Troubleshoot IAM & IGA issues and develop creative solutions to solve problems
• Lead IAM, IGA, & PAM projects from start to finish, including developing project plans, coordinating resources, and managing timelines
• Create detailed technical documentation and architectural diagrams to support IAM and PAM initiatives
• Provide expert guidance on how to manage workforce identity management best practices
• Lead the deployment and integration of IAM solutions, ensuring alignment with FERPA regulatory standards and best practices
• Consider how different elements of business, information and technology architectures can be used to solution for a specific problem
• Responsible for following standards, architectural and process with regards to the overall security architecture
• Interface across multiple business areas to coordinate deliverables, build consensus and influence outcomes
• Manage the tasks and activities that are involved with the successful implementation of your designed solution
• Consult on highly complex projects requiring in-depth knowledge across multiple business areas
• Ensure compliance of principles, strategies, frameworks and standards for solutions across the enterprise
• Monitor regulatory environment for impact on security and IT risk programs and initiatives
• Stay up to date on the latest trends and best practices

Supervisory Responsibilities: This position initially has no formal supervisory responsibilities.

MINIMUM REQUIRED QUALIFICATIONS:

• Five (5) years of experience in IAM solutions design, development, implementation, and maintenance of large-scale systems across multiple platforms
• Documented experience and a solid understanding of identity lifecycle management, credential management, role-based access, and identity governance are required
• Equivalent combination of education and experience, including prior relevant military service experience.

Certificates and Licenses: None required.

OTHER REQUIRED QUALIFICATIONS:

• Demonstrable experience with identity management & administration tools and practices
• Prior in-depth experience with Active Directory, Entra ID, Workday, and SailPoint required
• Experience with application design and consulting experience on IAM functions like user life cycle management, access control policies, federation, certifications, Access Management, and role management
• Confirmed experience architecting initial infrastructure, onboarding of applications, role-based access controls, policy and password management, certifications, workflows, work items and rules
• In-depth knowledge and hands-on technical experience with Lifecycle Manager, Compliance Manager, and Access Request
• Understanding of RBAC, Identity Policies, Identity Lifecycle automation and reporting, Password Policies, Separation of duties, User Provisioning, and approval workflows in SailPoint ISC
• Hands-on experience with Privileged Identity Management systems required
• In-depth understanding of leading-edge identity governance-enabling technologies & practices
• Strong demonstrated ability to gain consensus and support across diverse functions and departments
• Effective collaboration skills with ability to interface with all levels of management and staff
• Experienced guiding stakeholders with risk-based decision-making
• Project management planning and organization skills
• Ability to identify, document, and communicate information security issues to business and information owners
• Experience driving cloud-based architectures (AWS, Azure, Google)
• Exemplary oral and written communication skills including meeting facilitation and presentation
• Understanding of common application development frameworks (.NET, Java/J2EE)
• Proven problem-solving and analytical skills, with the ability to apply business judgment to complex problems and make decisions
• Strong understanding of data/information architecture concepts and patterns
• Broad-based knowledge of the IT industry and trends
• Proficiency in Microsoft Office Outlook, Word, Excel, PowerPoint, Project
• Ability to clear required background check

DESIRED QUALIFICATIONS:

• Bachelor's degree in Computer Science, Information Systems, Information Security & Assurance, Information Technology, Audit, or related field desired
• CISSP, CRISC, CISA, CGEIT, Security+, or other relevant information security certifications
• Experience in PowerShell scripting
• Expertise in FERPA requirements, NIST standards, and information security best practices
• Prior experience with Okta, SailPoint, Entra ID, and/or Thycotic desired
• Prior experience utilizing AWS native PAM tools is desired
• Prior experience in Education is a plus
• Knowledge of audit trail and systems activity review processes and procedures
• Proficiency in risk assessment and risk management methodologies
• Knowledge and understanding of information technology and networking concepts

WORK ENVIRONMENT: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• This position is virtual and open to residents of the 50 states and Washington, D.C.

Compensation & Benefits: Stride, Inc. considers a person's education, experience, and qualifications, as well as the position's work location, expected quality and quantity of work, required travel (if any), external market and internal value when determining a new employee's salary level. Salaries will differ based on these factors, the position's level and expected contribution, and the employee's benefits elections. Offers will typically be in the bottom half of the range.

We anticipate the salary range to be $66,379.50 to $170,037.60. Eligible employees may receive a bonus. This salary is not guaranteed, as an individual's compensation can vary based on several factors. These factors include, but are not limited to, geographic location, experience, training, education, and local market conditions. Stride offers a robust benefits package for eligible employees that can include health benefits, retirement contributions, and paid time off.

Job Type

Regular

The above job is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor. All employment is "at-will" as governed by the law of the state where the employee works. It is further understood that the "at-will" nature of employment is one aspect of employment that cannot be changed except in writing and signed by an authorized officer.

Stride, Inc. is a Federal Contractor, an Equal Opportunity/Affirmative Action Employer and a Drug-Free Workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected Veteran status age, or genetics, or any other characteristic protected by law.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)