Identity and Access Management Architect / Engineer (Consultant/Senior Consultant)
Job description
This role will involve working closely with cross-functional teams to ensure seamless deployment and integration of identity solutions, as well as contributing to the ongoing operation and maintenance of IAM technologies across our clients. As part of this role, you will be expected to:
- Support the definition of IAM use cases, functional and non-functional solution requirements, and technical specifications, such as those for user authentication, access control, integration, performance and scalability requirements and specifications.
- IAM solutions by creating high-level and low-level designs that align with business objectives and comply with industry cybersecurity standards (e.g., NIST). For example, this includes:
  - Creating high-level and low-level system architecture diagrams with technical descriptions of each component.
  - Defining the dependencies to implement the solution, e.g., network rules, server resources, storage requirements.
  - Defining the system specifications to support optimal performance.
  - Integrating workflows with third-party systems and security tools, such as Security Information and Event Management (SIEM) solutions, multi-factor authentication solutions, and cloud platforms like Amazon Web Services (AWS) and Azure.
  - Defining the Responsible, Accountable, Consulted, and Informed (RACI) matrix to operate and maintain the solution's infrastructure components.
- technical documentation for IAM implementations, including process documentation to enable operation of the solution, e.g., defining processes which cover user onboarding, access requests, identity governance, approval workflows, authentication workflows, provisioning/deprovisioning tasks.
- IAM solutions:
  - Install solution components in on-premise environments where relevant, or configure cloud components (and script/code plug-ins/extensions for cloud solutions).
  - Work with IT infrastructure teams to ensure pre-requisites and dependencies have been met and are in place.
  - Integrate IAM solutions with existing enterprise applications/systems such as directories, cloud applications, HR systems and third-party identity providers.
- unit, integration, functional and non-functional testing for IAM solutions. As part of this, troubleshoot and resolve issues (e.g., authentication failures, access policy conflicts, user provisioning errors etc.) by working with vendors.
- Support the delivery of services post-implementation, from hyper-care support, resolving additional issues in production through advanced troubleshooting and debugging to ensure smooth operation.
- Conduct knowledge transfer to client IAM teams through technical training sessions on operating and maintaining the solution, empowering clients to effectively manage and support the IAM environment.
Requirements
We are seeking experienced Identity and Access Management professionals with a strong background in architecture and engineering. The ideal candidate will have experience in supporting the design, implementation and testing of identity and access management solutions. The ability to maintain and operate the technology is considered a strong asset. Whilst a bachelor's degree (or equivalent) in Computer Science or Engineering is desirable, we are more interested in your real-world professional experience and your ability to turn this into impactful client outcomes.
Key skills - not every candidate requires all of these but should be familiar and/or have experience with a majority of these:
Technical Skills:
The skills we want you to ultimately have will cover:
- Broad enterprise identity experience across Enterprise and Customer Authentication, with demonstrable ability to build identity strategies which integrate into client enterprise architectures and beyond.
- Experience in working with IGA, PAM, AM, AD and CIAM solutions such as SailPoint, Saviynt, etc.
- Experience working in a digital transformation environment supporting the definition of Identity architecture leveraging cloud native and/or other IAM solutions.
- Advanced, practical experience of cloud hosting services including Amazon Web Services, Microsoft Azure and Google Cloud Platform.
- Hands-on experience of Microsoft Active Directory/Azure AD Domain Services, Federation Services, Certificate Services, DNS and DHCP.
- Understanding of decentralised identity, verifiable credentials, microservices and Trust over IP architecture stack.
In addition to the above the following are desirable:
- Understanding of malware and the modern threat landscape
- Relevant certifications (e.g. CIAM, CISSP, CAMS, etc.)
- Exposure to/understanding of DevOps tools and repositories (e.g. Git, Azure DevOps, Kubernetes, Docker, Jenkins, Ansible etc.)
- Role based access control (RBAC) design
- Practical experience with Linux operating systems
- Experience with modern authentication concepts, e.g. Self-Service Identity, Bring Your Own Identity, SCIM, SAML, WS-Federation, OAuth, OpenID Connect
Soft Skills:
- Experience with waterfall and agile type methodologies, often working within client specified frameworks.
- Managing junior team members across a mix of locations, cultures, and experience levels.
- Detail oriented and strong problem-solving skills.
- Excellent oral and written communication skills including concisely communicating status and creating customer reports and presentations.
About the company
Deloitte drives progress. Our firms around the world help our clients become market leaders wherever they compete. Deloitte invests in outstanding people with diverse talents and backgrounds, empowering them to achieve more than they can elsewhere. Our work combines consulting with action and integrity. We believe that when our clients and society are stronger, so are we.