Job Title: Sr. IAM Architect
Location: Dallas, TX, Hybrid Role
Summary: The IAM Architect is responsible for defining and leading the enterprise-wide Identity and Access Management strategy, architecture, and roadmap to ensure secure, compliant, and seamless access to systems and data across on-premises and cloud environments. This role combines strategic architecture, solution design, and technical leadership, working closely with security, infrastructure, application, and business teams.
Experience Requirements:
10 years of experience in Information Security
5 years of hands-on experience in IAM architecture design and solution delivery in enterprise environments
Key Responsibilities:
Define and own the enterprise IAM architecture, standards, and reference patterns across authentication, authorization, identity lifecycle, and privileged access.
Develop and maintain the IAM roadmap aligned with security strategy, business objectives, and regulatory requirements.
Design end-to-end IAM solutions, including Identity Governance & Administration (IGA), Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM).
Lead solution design for key IAM capabilities: user provisioning and de-provisioning, access request workflows, role-based and attribute-based access control (RBAC/ABAC), and access certification.
Architect integrations between IAM platforms and enterprise applications, directories, cloud services, APIs, and CI/CD pipelines.
Define patterns for integrating applications with SSO/MFA, directory services (AD/LDAP), and identity federation (SAML, OAuth2/OIDC).
Partner with Security, Risk, and Compliance teams to ensure IAM controls support audit, regulatory, and policy requirements (e.g., SoD, least privilege, logging and monitoring).
Conduct IAM risk assessments and threat modeling for new and existing solutions; recommend and drive remediation.
Provide technical leadership to IAM engineers and project teams, guiding implementation, configuration, and migration activities.
Establish and promote DevOps and automation practices for IAM (e.g., configuration as code, CI/CD for IAM changes, automated testing).
Create and maintain architectural documentation, solution designs, standards, and guidelines for IAM.
Act as a primary IAM subject matter expert for stakeholders, supporting design reviews, RFPs, and vendor/product evaluations.
Required Qualifications:
Bachelor's degree in Computer Science, Information Security, Engineering, or related field, or equivalent experience.
Deep knowledge of IAM concepts: identity lifecycle, authentication and authorization, RBAC/ABAC, least privilege, SoD, and Zero Trust principles.
Strong hands-on experience with at least two major IAM platforms such as:
Identity Governance: SailPoint, Saviynt, etc.
Workforce/Customer IAM & SSO: Microsoft Entra ID/Azure AD, Okta, Ping, etc.
Privileged Access: CyberArk, BeyondTrust, or similar.
Solid understanding of directories and identity stores (AD/LDAP), group strategy, OU design, and delegation models.
Strong knowledge of IAM standards and protocols: SAML, OAuth2, OpenID Connect, SCIM, LDAP, Kerberos.
Experience designing IAM solutions for hybrid environments (on-prem, cloud, and SaaS) on platforms such as Azure, AWS, or GCP.
Demonstrated experience leading complex IAM projects or programs, collaborating with cross-functional technology and business stakeholders.
Strong communication skills, with ability to explain technical concepts to both technical and non-technical audiences and influence senior stakeholders.
Preferred Qualifications:
Experience implementing or architecting IGA solutions with SailPoint, Entra ID, Okta, Ping, or equivalent (e.g., lifecycle manager, certifications, SoD, connector design).
Experience integrating IAM with PAM tools and aligning privileged access with IGA policies.
Background in security architecture or enterprise architecture with a focus on IAM.
Familiarity with DevOps tooling and practices (e.g., Git, CI/CD pipelines) for IAM change management.
Knowledge of regulatory and compliance frameworks (e.g., SOX, GDPR, HIPAA, ISO 27001) and their implications for IAM controls.
Relevant certifications such as CISSP, CCSP, CISM, GIAC (e.g., GIAC GMOB/GCIA), or vendor certifications in IAM platforms (e.g., SailPoint, Okta, Microsoft).
Key Competencies:
Strategic and analytical thinking, with ability to translate business needs into IAM solutions.
Strong problem-solving skills and ability to handle complex integration and design challenges.
Leadership and mentoring skills for guiding engineering teams and influencing architectural decisions.
High degree of accountability, ownership, and drive to improve security posture and user experience.