IAM ARCHITECT

Job Title : IAM Architect

Location: Warren, MI (Hybrid)

We are currently seeking candidates who meet the following qualification

Key Responsibilities:

• Develop and implement an IAM strategy and control framework aligned with industry best practices.
• Lead the design and deployment of IAM solutions, ensuring seamless integration with Microsoft Entra, Azure AD PIM, and other security tools.
• Design and oversee identity lifecycle management processes for human and non-human/machine accounts.
• Establish a streamlined access request process for all account types.
• Implement IAM analytics and reporting capabilities.
• Design and execute periodic access certification (attestation/review) processes.
• Develop auditing mechanisms to ensure compliance with IAM policies.
• Define and manage IAM policies and role-based access control (RBAC).
• Configure automated provisioning and de-provisioning processes using IAM connectors.
• Develop and implement IAM workflow orchestration.
• Ensure account activity and changes are logged and ingested by the College’s MDR provider (using LogPoint as the aggregation tool).
• Implement privileged access management (PAM) processes, including secondary approval workflows for privileged credentials.
• Identify and remediate orphan accounts and unused entitlements.
• Assign risk ratings to entitlements, accounts, and identities based on data sensitivity, access permissions, and contextual factors.
• Discover and manage privileged access and accounts.
• Identify and remediate over-permissioning by analyzing assigned roles against actual usage patterns.
• Maximize the use of PIM where applicable.
• Provide access reviewers and approvers with approve/deny recommendations.
• Conduct role modeling and role engineering to optimize RBAC implementation.

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 5 years of experience in IAM architecture and implementation.
• Strong knowledge of Microsoft Entra, Azure AD, and PIM.
• Experience with IAM frameworks, governance, and compliance.
• Expertise in authentication, authorization, and identity lifecycle management.
• Proficiency in privileged access management (PAM) solutions.
• Familiarity with security information and event management (SIEM) tools (e.g., LogPoint).
• Strong understanding of access certification, auditing, and role-based access control (RBAC).
• Experience with automated provisioning, workflow orchestration, and analytics.
• Ability to lead and collaborate with internal stakeholders.
• Strong problem-solving and analytical skills.
• Excellent communication and documentation skills.

Preferred Qualifications:

• IAM certifications (e.g., CISSP, CISM, CIAM, or Microsoft Azure Security certifications).
• Experience in higher education or public sector IAM implementations.
• Experience with other IAM solutions beyond Microsoft Entra and PIM.