AWS Workspaces Architect & Identity Integration SME

AWS Workspaces Architect & Identity Integration SME The AWS WorkSpaces Architect will be responsible for end-to-end design and automated implementation of the AWS WorkSpaces environment, with a strong focus on identity integration, authentication, and secure access. The SME will ensure seamless integration between AWS Workspaces, Active Directory, MFA solutions, and enterprise SaaS/on-prem applications. The qualified candidate will be responsible for the following: Design and implement AWS Workspaces architecture aligned to user personas and workload requirements Lead AWS Workspaces technology implementation to support performance, security, and user experience needs Integrate AWS Workspaces with Active Directory (on-prem and/or cloud-based) Provide short-term (tactical) and long-term (strategic) options based on best practices Implement and enforce MFA across Workspaces and integrated applications Configure Single Sign-On (SSO) for Office 365, OneDrive, SaaS, and enterprise applications

Define identity governance, RBAC models, and conditional access policies Ensure secure identity federation and directory integration (AD Connector, AWS Managed AD, Azure AD/Entra ID) Collaborate with security teams to align authentication and access controls with enterprise policies Provide architectural guidance on high availability, scalability, and cost optimization The qualified candidate must have the following skills and experience: Deep expertise in AWS Workspaces and AWS EUC services Strong experience with Active Directory (GPOs, DNS, trusts, hybrid identity) Hands-on experience with various MFA solutions Experience with SSO protocols (SAML, OAuth, OpenID Connect) Knowledge of Azure AD / Entra ID and hybrid identity architectures Strong understanding of AWS networking (VPC, VPN, Direct Connect) Experience integrating Workspaces with enterprise SaaS platforms (e.g., Microsoft 365, Workday, etc.) Familiarity with Citrix/VMware VDI environments for migration context It would be nice for the qualified candidate to have the following: AWS certifications (e.g., AWS Solutions Architect, AWS Advanced Networking) Experience with Zero Trust security architecture Prior experience with large-scale (500+ users) EUC deployments The client is based in the New York Metropolitan area for this 100% remote opportunity. The qualified candidate must be able to work East Coast hours. Applicants must be authorized to work in the U.S. We are unable to sponsor or take over sponsorship for an employment visa currently. We are unable to work with third-party companies. For additional information and immediate consideration, please email your resume and LinkedIn profile to .