IAM Architect

Description:

The IAM Architect will serve as a key advisor to executive leadership, providing guidance on risk management, identity governance, authentication, authorization, and emerging technologies.

Responsibilities include:

• Design, develop, and implement secure IAM architecture that align with security architecture and strategy, business goals and regulatory standards.
• Establish and maintain IAM frameworks, including identity lifecycle management, role-based access control (RBAC), and attribute-based access control (ABAC).
• Lead the development of reusable design patterns and blueprints for IAM services.
• Mature the implementation of our privileged access management (PAM) solution, Delinea, to secure and monitor privileged accounts, ensuring compliance with least-privilege principles and reducing insider threats.
• Integrate identity federation, single sign-on (SSO), and multi-factor authentication (MFA) with enterprise systems and cloud services.
• Develop and enforce policies for secure privileged access, including automated password rotation, credential vaulting, and fine-grained access control
• Architect solutions for identity provisioning and de-provisioning across on-premises, cloud, and hybrid environments.
• Collaborate with stakeholders to implement governance models for identity compliance, PAM, and access certification
• Design and oversee encryption strategies for sensitive identity, privileged, and certificate da at rest, in transit, and in use.
• Integrate IAM, PAM, and PKI solutions with security information and event management (SIEM) tools for enhanced threat detection and monitoring.
• Ensure IAM architecture comply with relevant regulations (e.g., HIPAA, HITECH, NYSDOH 405.46, HITRUST, etc.) and industry standards.
• Provide thought leadership in emerging IAM, PAM, and PKI technologies and practices, staying ahead of the latest trends.
• Continuously improve the organization’s IAM architecture to address evolving security challenges.

Requirements include:

• 8+ years of experience in IAM, PAM, and PKI, with a focus on architecture and leadership.
• Leadership: Proven ability to lead IAM, PAM, and PKI initiatives and cross-functional teams in complex environments.
• Solution Design: Hands-on experience designing and implementing IAM, PAM, and PKI solutions in large enterprises.
• Deep expertise in IAM, PAM, and PKI principles, including authentication, authorization, privileged session management, and certificate managemen
• Extensive experience with IAM, PAM, and PKI technologies such as SailPoint, Delinea, Microsoft Azure AD, or similar.
• Proficiency in IAM protocols (e.g., SAML, OAuth, OpenID Connect, SCIM), PAM best practice and PKI standards (e.g., X.509, OCSP, CRL). 1/22/25, 12:44 PM IAM ARCHITECT Job 2/4 Mission: To heal, to teach, to discover and to advance the health of the communities we serve.
• Strong understanding of regulatory compliance requirements related to IAM.
• Ability to lead large-scale IAM, PAM, and PKI initiatives, translating business needs into actionable strategies.
• Excellent communication skills for both technical and non-technical audiences.
• Strong interpersonal skills to build relationships and influence stakeholders across an organizational levels.
• Experience in security architecture, solution design, and integration with enterprise and cloud platforms.

Certifications (Preferred but not required)

• Certified Information Systems Security Professional (CISSP)
• Certified Identity and Access Manager (CIA)
• Microsoft Certified: Identity and Access Administrator Associate
• AWS Certified Security - Special
• GIAC Certified Enterprise Defender (GCE)
• GIAC Certified Public Key Infrastructure Professional (GPK)
• Delinea Privileged Access Management certification or equival