Cybersecurity Identity and Access Management Architect
Role details
Job location
Tech stack
Job description
This Cybersecurity Architect role will lead the design, integration, and governance of scalable, enterprise-wide IAM solutions. This strategic role is responsible for establishing secure identity foundations across a complex, multi-cloud and hybrid environment. As a critical member of the enterprise cybersecurity architecture team, you will guide the organization toward a Zero Trust security model while ensuring regulatory compliance, operational efficiency, and strong user experience.
The role will involve working with the business leaders and stakeholders across the enterprise to understand the business needs and the anticipated threats against the organization.
The Architect position will work closely with local technology experts and risk managers to assist in solution architecture and risk identification., * Develop and maintain the enterprise IAM reference architecture aligned to Zero Trust, NIST and cloud security frameworks.
- Design end-to-end IAM solutions that support Single Sign-on (SSO), Multi-factor Authentications (MFA), Identity Federation (e,g., SAML, OIDC), and Role-Based Access Control (RBAC).
- Architect identity lifecycle process across workforce, customer, and third-party identities (joiner/mover/leaver).
- Define enterprise IAM roadmap, incorporating AI capabilities and automation and ensure alignment with broader cybersecurity, IT, and business strategies.
- Support the development of IAM standards, patterns, and guardrails for secure access across applications, APIs, cloud platforms, and infrastructure.
- Collaborate with teams to leverage AI and machine learning to improve access risk detection, behavioral analytics, and anomaly detection
- Collaborate with data science and AI governance teams to define policies around ethical AI use in IAM processes
Requirements
Required
- 8 - 10 years of related IT experience
- Minimum 5 years' experience in a cybersecurity or architecture role
- Bachelor's Degree at College of Engineering and Technology or equivalent work experience.
- Strong understanding on Zero Trust, Identity-as-a-service (IDaaS) and modern access control models
- Subject matter expertise in identity governance and management, including both human, non-human and machine identities. Provide technical guidance and support in identifying and implementing next generation IGA products and services
- Deep knowledge of authentication protocols (SAML, OAuth2, OIDC, Kerberos), directory services (LDAP, AD) and policy frameworks (ABAC, PBAC).
- Deep technical understand of privileged access management and controls. Help research, identify and drive next generation Privileged Access capabilities and solutions
- Strong understanding of how technology relates to business, market and industry and applies knowledge to support the needs of critical systems and projects
- Able to function independently and perform multiple functions and duties with minimal supervision or guidance. Strong communication and interpersonal skills
- Excellent communications, stakeholder engagement, and technical writing skills
Preferred
- Certifications: CISSP, CCSP, SABSA, TOGAF, pr relevant IAM certs
- Background integrating IAM with DevSecOps, CI/CD pipelines, or containerized platforms (Kubernetes, Docker)
- Experience in the payments industry
- Experience with IAM in hybrid cloud environments (e.g., Azure, AWS, GCP)
Benefits & conditions
$168,500.00 - $271,200.00
These pay ranges apply to employees in New Jersey and New York. Pay ranges for employees in other states may differ.
It is unlawful to discriminate against a prospective employee due to the individual's status as a veteran.
For incentive eligible associates, the successful candidate is eligible for an annual incentive opportunity which may be delivered as a mix of cash bonus and equity awards in the Company's sole discretion.
