Cybersecurity IAM Architect
Role details
Job location
Tech stack
Job description
You will take a lead role in driving the maturity and modernization of the IAM security program managing millions of identities across the entire financial services industry. In this role, you will
will lead the design, integration, and governance of scalable, enterprise-wide IAM solutions and will be responsible for establishing secure identity foundations across a complex, multi-cloud and hybrid environment. As a critical member of the enterprise cybersecurity architecture team, you will guide the organization toward a Zero Trust security model while ensuring regulatory compliance, operational efficiency, and strong user experience.
What you'll do:
- Develop and maintain the enterprise IAM reference architecture aligned to Zero Trust, NIST and cloud security frameworks.
- Design end-to-end IAM solutions that support Single Sign-on (SSO), Multi-factor Authentications (MFA), Identity Federation (e,g., SAML, OIDC), and Role-Based Access Control (RBAC).
- Architect identity lifecycle process across workforce, customer, and third-party identities (joiner/mover/leaver).
- Define enterprise IAM roadmap, incorporating AI capabilities and automation and ensure alignment with broader cybersecurity, IT, and business strategies.
- Support the development of IAM standards, patterns, and guardrails for secure access across applications, APIs, cloud platforms, and infrastructure.
- Collaborate with teams to leverage AI and machine learning to improve access risk detection, behavioral analytics, and anomaly detection
- Collaborate with data science and AI governance teams to define policies around ethical AI use in IAM processes, * This role is on-site Monday through Friday. Fiserv considers in-person collaboration to be an essential part of this role as in-person office experiences help you with your overall onboarding experience and leads to stronger productivity.
Requirements
- 8 - 10 years of related IT experience
- Minimum 5 years' experience in a cybersecurity or architecture role
- Strong understanding on Zero Trust, Identity-as-a-service (IDaaS) and modern access control models
- Subject matter expertise in identity governance and management, including both human, non-human and machine identities. Provide technical guidance and support in identifying and implementing next generation IGA products and services
- Deep knowledge of authentication protocols (SAML, OAuth2, OIDC, Kerberos), directory services (LDAP, AD) and policy frameworks (ABAC, PBAC).
- Deep technical understand of privileged access management and controls. Help research, identify and drive next generation Privileged Access capabilities and solutions
- Bachelor's Degree at College of Engineering and Technology or equivalent work experience., * Certifications: CISSP, CCSP, SABSA, TOGAF, pr relevant IAM certs
- Background integrating IAM with DevSecOps, CI/CD pipelines, or containerized platforms (Kubernetes, Docker)
- Experience in the payments industry
- Experience with IAM in hybrid cloud environments (e.g., Azure, AWS, GCP), * You must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including, but not limited to, F-1 (OPT, CPT, STEM), H-1B, H-2, or TN, or any candidate requiring sponsorship, now or in the future, will not be considered.
Benefits & conditions
$168,500.00 - $271,200.00
These pay ranges apply to employees in New Jersey and New York. Pay ranges for employees in other states may differ.
It is unlawful to discriminate against a prospective employee due to the individual's status as a veteran.
For incentive eligible associates, the successful candidate is eligible for an annual incentive opportunity which may be delivered as a mix of cash bonus and equity awards in the Company's sole discretion.
