IAM CIAM Lead – PAM (Infrastructure Security)
Share
Job Location:
Irvine, CA - USA
Monthly Salary:
Not Disclosed
Posted on:
5 hours ago
Vacancies:
1 Vacancy
Job Summary
Role: IAM / CIAM Lead - PAM (Infrastructure Security)
Location: Irvine CA (Onsite)
Experience Required: 8-10 Years
Job Summary
We are seeking a highly skilled IAM / CIAM Lead with strong Privileged Access Management (PAM) expertise to design and implement secure identity frameworks across enterprise environments. This role will focus on non-human identity security AI-driven identity controls and privileged access governance across multi-cloud platforms.
Key Responsibilities
IAM & PAM Leadership
-
Lead the design and implementation of Privileged Access Management (PAM) solutions including credential vaulting session management and privileged access workflows.
-
Develop and enforce identity security standards policies and governance frameworks.
-
Act as a Subject Matter Expert (SME) for IAM CIAM PAM and AI-driven identity security.
Cloud & Identity Security
-
Implement and manage multi-cloud IAM solutions across AWS Azure and GCP.
-
Configure and maintain directory services such as Azure AD / Entra ID AWS AD and Okta.
-
Enforce zero-trust security models RBAC ABAC and Just-in-Time (JIT) provisioning.
Authentication & Federation
-
Design and implement authentication mechanisms including:
-
SSO (Single Sign-On)
-
SAML OIDC OAuth2 protocols
-
API authentication and SCIM provisioning
-
AI & Non-Human Identity Security
-
Secure non-human identities and AI agents using:
-
Least privilege enforcement
-
Policy-based guardrails
-
Mutual TLS and secure token exchange
-
-
Work with emerging standards such as Model Context Protocol (MCP) for AI identity integration.
Infrastructure & Automation
-
Automate IAM processes using tools such as:
-
Terraform Ansible Pulumi Cloud-init Python
-
-
Integrate IAM with API gateways and service meshes (Kong Istio Apigee).
-
Manage machine identities using certificates and frameworks like SPIFFE/SPIRE.
Security Operations & Governance
-
Perform threat modeling and risk assessments including insider threat scenarios.
-
Support incident response root cause analysis and remediation for IAM-related security issues.
-
Collaborate with Technology Risk and Security teams to implement compliance controls.
-
Drive integration with enterprise security platforms and identify automation opportunities.
Stakeholder Management
-
Lead cross-functional collaboration with engineering security and business teams.
-
Deliver status updates demos training sessions and technical guidance to stakeholders.
Required Skills
Top 3 Required Skills
-
Strong expertise in IAM / CIAM and Privileged Access Management (PAM)
-
Hands-on experience with authentication protocols (SAML OAuth2 OIDC) and Zero Trust
-
Experience with multi-cloud IAM (AWS Azure GCP) and automation tools
Technical Skills
-
IAM & PAM Tools: CyberArk StrongDM Azure Key Vault AWS Secrets Manager
-
Cloud Platforms: AWS Azure GCP
-
Identity & Access: SSO SAML OAuth2 OIDC SCIM RBAC ABAC
-
Automation: Terraform Ansible Pulumi Python
-
Infrastructure Security: API Gateways Service Mesh (Kong Istio Apigee)
-
Machine Identity: Certificates SPIFFE/SPIRE
-
Security Concepts: Zero Trust Threat Modeling OWASP Top 10 (IAM risks)
Preferred Qualifications
-
Experience with AI security and agentic identity systems
-
Knowledge of Model Context Protocol (MCP) and AI identity frameworks
-
Experience in large enterprise or regulated environments
-
Strong leadership and stakeholder management experience
Key Skills
-
Identity & Access Management (IAM)
-
Customer Identity & Access Management (CIAM)
-
Privileged Access Management (PAM)
-
Cloud Security
-
Zero Trust Architecture
-
API Security & Federation
-
IAM Automation
Key Skills
- Ruby
- Disaster Recovery
- Active Directory
- SOA
- Cloud
- IaaS
- PowerShell
- AWS
- Infrastructure
- Linux
- VPN
- Hyper-V
- VM
- IP
- Identity
