IAM/PAM Architect

Job Summary

We are seeking an experienced IAM/PAM Architect with 14 years of expertise in Identity and Access Management (IAM) and Privileged Access Management (PAM). The ideal candidate will have extensive hands-on experience in designing and architecting solutions with CyberArk, SailPoint, and Microsoft Entra ID (formerly Azure AD), Hashicorp for enterprise environments. This role demands a deep understanding of IAM/PAM frameworks, best practices, and the ability to align technology solutions with business requirements.

Roles & Responsibilities:

• Serve as the PAM Subject Matter Expert (SME) to guide customers in defining PAM strategy, roadmap, user onboarding processes, and engineering for medium to large enterprise environments.
• Collaborate with customer and vendor technical teams to analyze the current landscape, gather requirements, and plan phased PAM implementation and integration activities.
• Prepare enterprise-level PAM deployment and integration architecture and design.
• Lead the PAM implementation and integration team in environment setup, configuration, security policy definition, deployment, and integration activities.
• Design and implement robust IAM/PAM solutions using tools such as CyberArk, SailPoint, and Entra ID, HashiCorp Boundary and HashiCorp Vault.
• Define architecture blueprints for privileged access security, identity lifecycle management, and secure authentication.
• Ensure that IAM/PAM solutions align with organizational security policies, compliance requirements, and industry standards.
• Drive end-to-end implementation of IAM/PAM projects, including system integration with enterprise applications, directories, and cloud platforms.
• Provide technical leadership to project teams and serve as a subject matter expert for IAM/PAM technologies.
• Mentor junior engineers and support teams to ensure the adoption of best practices.
• Collaborate with cross-functional teams to define and execute technical strategies and roadmaps.
• Enhance privileged access workflows and governance processes to improve security and compliance.
• Engage with business stakeholders to gather requirements and translate them into technical solutions.
• Present architectural designs and strategies to both technical and non-technical audiences.
• Stay updated on the latest trends and advancements in IAM/PAM technologies.
• Proactively identify opportunities to enhance security, improve user experience, and drive operational efficiency.

Skills & Qualifications

Experience:

• 14 years of IT experience with a strong focus on IAM/PAM architecture and implementation.
• Demonstrated experience leading PAM product consulting, architecture, design, deployment, and integration activities.
• Expertise in preparing detailed implementation plans with well-defined activities and dependencies.

Technical Expertise:

• Hands-on experience with CyberArk, SailPoint IdentityNow/IIQ, and Microsoft Entra ID, HashiCorp Boundary and HashiCorp Vault and other leading IAM/PAM/SSO solutions.
• In-depth knowledge of CyberArk components: Vault, PSM, CPM, Alero, and Conjur.
• Proficiency in SailPoint Identity governance, including provisioning, access certifications, workflows, and connectors.
• Strong understanding of Entra ID features, such as SSO, Conditional Access, B2B/B2C configurations, and Identity Protection.
• Experience in designing and implementing IAM/PAM/SSO/RBAC projects in large customer environments.
• Familiarity with authentication protocols: SAML, OAuth, OpenID Connect, LDAP, and Kerberos.
• Experience integrating IAM/PAM solutions with cloud platforms (Azure, AWS, Google Cloud Platform).
• Deep understanding of PAM use cases, features, processes, components, services, and dependencies.

Additional Skills:

• Solid knowledge of Active Directory, LDAP, databases, SQL, and scripting (e.g., PowerShell, Python) for PAM integrations.
• Excellent communication and leadership skills, with the ability to manage and mentor teams.
• Exceptional client-facing and presentation skills, with the ability to articulate technical concepts to diverse audiences.
• Proven ability to work under tight deadlines and manage multiple priorities effectively.

Certifications Needed:

• Bachelor s degree preferably in Computer Science or Information Systems and /or equivalent formal training or work experience.
• Certification in CISSP, ABAC, RBAC, ITIL, MCSE, CISM, CISA, PAM, MCSA, OSCP