IAM Architect

We are looking for 2-3 profiles which we can present to the client for an IAM architecture / transformation opportunity.

Please find the JD and the write-up below of the client requirements.

For any R&R related questions specific to this project, feel free to use the requirements listed below.

• Role rationalization, fine grained access control, enabling least privilege and eventually JIT access
• Fine grained RBAC, ABAC, Access governance at scale
• Automation of access reviews
• Alignment / Compliance with FedRAMP High
• Identify and prioritize apps for entitlement analysis
• PAM and NHI are not in the current list of priorities
• CIAM is not in scope

Identity and Access Management (IAM) Architect

Key Responsibilities :

Conduct comprehensive assessments of current IAM practices for structured, unstructured, and semi-structured data

Evaluate IAM measures for databases, data warehouses, data lakes, network file shares, cloud storage, and other data repositories

Analyze access control mechanisms for sensitive data types including customer information, employee PII, company confidential data, and financial records

Identify gaps and vulnerabilities in existing IAM controls

Develop target state recommendations for enhancing IAM across all platforms and data types

Create a detailed roadmap for implementing IAM improvements

Evaluate and recommend IAM tools and technologies appropriate for the client's environment

Develop identity governance strategies and access management policies

Assess and recommend improvements for privileged access management

Review and enhance authentication and authorization strategies

Analyze and improve identity lifecycle management processes

Assess and recommend enhancements for IAM in cloud and hybrid environments

Evaluate and propose improvements for IAM monitoring and auditing processes

Provide guidance on compliance with relevant IAM regulations and standards

Collaborate with other security teams to ensure alignment of IAM with overall cybersecurity strategy

Conduct or participate in threat modeling exercises related to identity and access flows

Develop guidelines for secure integration of IAM systems with various data repositories

Present findings and recommendations to technical and non-technical audiences

Required Qualifications :

Bachelor's degree in Computer Science, Information Technology, or related field; Master's degree preferred

10 years of experience in IAM, with a focus on architecting secure identity and access solutions

In-depth knowledge of IAM best practices, standards, and regulations (e.g., GDPR, CCPA, PCI DSS)

Strong understanding of various data storage systems including relational databases, NoSQL databases, data warehouses, and cloud storage platforms

Expertise in authentication protocols (e.g., SAML, OAuth, OpenID Connect), directory services, and SSO technologies

Experience with cloud IAM architecture, particularly for major cloud providers (AWS, Azure, GCP)

Familiarity with privileged access management (PAM) solutions and best practices

Proficiency in conducting IAM risk assessments and vulnerability analyses

Strong analytical and problem-solving skills

Excellent communication and presentation abilities

Preferred Qualifications :

Relevant certifications such as CISSP, CISM, or CISSP-ISSAP

Experience with identity governance and administration (IGA) platforms

Knowledge of machine learning and AI applications in IAM

Familiarity with DevSecOps practices and IAM integration

Experience in financial services, healthcare, or other highly regulated industries

The ideal candidate will have a proven track record of designing and implementing robust IAM solutions across diverse environments.