Identity and Access Architect

Responsibilities

Own the Identity Strategy

• Define
  and drive the target-state identity architecture across IAM, PAM, and
  machine identity
• Establish
  token-based authentication and just-in-time access as core design
  principles
• Act
  as the final voice on identity architecture decisions - clear, opinionated,
  and grounded in experience
• Translate
  strategy into reference architectures, patterns, and execution frameworks

Modernize IAM

• Lead
  the evolution of identity governance and administration (IGA) platforms
  (e.g., SailPoint)
• Design
  a centralized authentication model to replace fragmented systems
• Improve
  end-user experience by eliminating redundant authentication friction
• Enable
  scalable onboarding via cloud-native identity platform integration
  patterns (SDKs/APIs) Transform Privileged Access
• Move
  the organization from standing privilege to just-in-time, token-based
  access
• Architect
  enterprise PAM solutions (CyberArk or equivalent)
• Define
  secrets management strategy and controls
• Reduce
  risk through identity-based segmentation and least-privilege design

Lead Non-Human & Cloud Identity

• Build
  frameworks for machine identity, workload identity, and service-to-service
  auth
• Establish
  identity controls across cloud platforms, Kubernetes, and CI/CD pipelines
• Define
  identity patterns for emerging AI and autonomous systems Drive Governance
  & Capability
• Embed
  governance into architecture to support audit, compliance, and risk
  reduction
• Define
  standards, guardrails, and reusable patterns
• Mentor
  engineers and elevate capability across distributed teams
• Bridge
  the gap between tooling capabilities and architectural intent What You
  BringCore Experience
• 10+
  years in Identity & Access Management architecture and engineering
• Deep
  expertise across:
  • IAM
    (Identity & Access Management)
  • PAM
    (Privileged Access Management)
  • Identity
    Governance (IGA)
• Strong
  hands-on experience with:
  • Microsoft
    Entra ID (Azure AD)
  • CyberArk
    (or equivalent PAM platforms)
  • SailPoint
    (IdentityNow/IdentityIQ) Technical Depth
• Proven
  experience with:
  • OAuth
    2.0, OIDC, token-based auth models
  • Just-in-time
    (JIT) access/zero standing privilege
  • Cloud-native
    identity architectures
  • Kubernetes/workload identity/CI-CD security
• Strong
  understanding of:
  • Secrets
    management (Vault or equivalent)
  • Identity
    in distributed and hybrid cloud environments

Execution & Leadership

• Track
  record of delivering enterprise-scale identity transformations
• Ability
  to influence senior stakeholders and align business + engineering
• Experience
  leading or mentoring distributed/global teams
• Comfortable
  operating as a player-coach. Strategic and hands-on

Bonus Points

• Experience
  with Zero Trust architecture
• Background
  in regulated environments (financial services, healthcare, etc.)
• Large-scale
  migration or “factory model” delivery experience
• Exposure
  to AI/agent identity models

Who You Are

• You
  don’t just design architecture - you drive it into production
• You
  connect dots across IAM, PAM, cloud, and machine identity without forcing
  it
• You
  bring strong opinions backed by real-world delivery
• You’re
  as comfortable in an exec room as you are in a design review
• You
  elevate the people around you - not just the technology

JOBID: 12334