Lead Architect - IAM Transformation - Interim

Location: Amsterdam / Remote

Contract Type: Interim position

Start Date: September 2025 to be agreed

Duration: Until December 29 2025 (with possible extension)

About the Program

A major European organisation is driving one of its most business-critical digital initiatives: the transformation of its identity and access management (IAM) landscape. The program aims to modernize standardize and secure IAM across multiple markets by implementing a centralized platform based on Microsoft Entra ID and related technologies.

To support this transformation we are seeking an experienced and visionary Lead Architect to define the future-state IAM architecture provide strategic technical guidance and ensure architectural consistency across all transformation initiatives.

About the Role

As Lead Architect IAM Transformation you will be responsible for defining and governing the end-to-end IAM architecture ensuring alignment with enterprise architecture principles and balancing both business and security needs. You will guide the design and integration of IAM capabilities (identity lifecycle management authentication authorization privileged access) into the transformed IT landscape and lead the transition from legacy solutions to the new IAM target state.

Key Responsibilities

• Own and maintain the IAM architectural vision and roadmap in alignment with global IAM strategies.

• Define the target architecture and principles for Microsoft Entra ID IGA (Identity Governance and Administration) PAM (Privileged Access Management) and access provisioning.

• Provide architectural leadership across workstreams and ensure technical consistency in designs integrations and implementations.

• Design solutions for replacing legacy custom-based and third-party authorization mechanisms.

• Develop migration strategies for applications currently managed through legacy identity services.

• Define models for secure and compliant use of generic (non-personal) accounts across the application landscape.

• Map legacy IAM components (custom APIs sync jobs role logic web services database jobs) into sustainable constructs.

• Translate entitlement logic into standardized workflows lifecycle events and PAM entitlements.

• Establish connector performance SLOs (latency throughput timeout/retry budgets) and certify designs.

• Set guardrails for IGA custom connectors (Java/Beanshell PowerShell SCIM SAP JCo REST).

• Oversee provisioning workflows access request logic and birthright provisioning.

• Define CI/CD standards (Azure DevOps GitLab) and promote secure-by-design practices.

• Collaborate with transformation leaders program managers security architects engineers and business stakeholders.

• Support teams in making architectural decisions aligned with future-state models.

• Lead the definition of IAM solution blueprints patterns and guardrails for scalable secure implementations.

• Review and validate solution designs from internal teams and external vendors.

• Proactively identify architectural risks and dependencies and define mitigation strategies.

• Contribute to architecture governance processes documentation and design standards.

• Author and govern attribute contracts with data-owner sign-off and maintain a published catalogue.

• Define reconciliation/fallback plans and graceful-degradation runbooks with acceptance tests.

What We Offer

• A leadership role within a large-scale digital transformation program.

• The opportunity to define and implement critical identity and access capabilities.

• A collaborative cross-functional environment with a focus on innovation and best practice.

• Flexible remote working setup.

• Competitive remuneration based on experience and expertise.

Your Profile

• Bachelors or Masters degree in Computer Science Information Security or a related field.

• 8 years of IT architecture experience with at least 5 years focused on IAM.

• Proven track record designing and implementing enterprise IAM solutions including Azure Entra ID IGA tools (e.g. SailPoint Saviynt) PAM (e.g. CyberArk) and SSO/MFA frameworks.

• Strong knowledge of enterprise architecture methodologies (e.g. TOGAF) Zero Trust and security best practices.

• Experience leading complex discussions with both business and technical stakeholders.

• Excellent communication influencing and stakeholder management skills.

• Fluent in English; knowledge of an additional European language is an advantage.