Identity and Access Management (IAM) Solution Architect

Cloud Security Services is looking for an experienced Identity and Access Management (IAM) Solution Architect to assist Client with a multi-year IAM transformation initiative. Candidate must have a strong background in designing IAM architecture for large, complex environments. This is a 6-month remote project.

Responsibilities

· Support of omni-channel (Digital, Voice, Paper) standard patterns based on the target state IAM solution architecture and eco-system for client workforce members.

· Drive workforce IAM solution architecture and scoping of engineering design and scoping to support the transformation initiative.

· Create engineering diagrams to support the overall solution architecture.

· Maintain and update the overall solution architecture.

· Solution Architecture and Engineering Diagrams for technical discovery and integration with other systems (e.g., CMDB and ITSM).

· Support the development of basic use cases / role models for Day 1 (Birthright) access.

· Create engineering diagrams for implementation into IDMS.

· Support the implementation of target state digital identity records for employees, contractors, and robots.

· Provide access management architecture and engineering services.

· Support the architecture and engineering for IDMS compliance across business sectors.

· Support architecture and engineering for enhancing access recertifications for better end user experience.

· Support AD / AAD architecture and engineering requirements.

Covers the following pattern categories for IAM;

o Registration / Onboarding

o Third-party Service/API Access & Authorization

o Invitation-Based User Registration

o User Access Delegation

o User De-provisioning

o Helpdesk Processes

o Directory abstraction

· Evaluation of current processes against the defined industry and leading practices including industry standards such as the National Institute for Standards and Technology (NIST) Special Publication (SP) 800-63; Digital Authentication, NIST Cybersecurity Framework (CSF) and NIST SP 800-53; Security and Privacy Controls.

Required Skills

· 7-10 years’ experience working in the Identity and Access management (IAM) information security space in an architecture capacity.

· 5-7 years’ experience with the following:

o Workforce IAM

o Consumer IAM (CIAM)

o Federation and single sign-on (B2B and B2C)

o National Institute of Standards and Technology (NIST) 800-53

o NIST 800-63

o NIST Cybersecurity Framework (CSF)

· Experience creating high and low level IAM architecture patterns.

· Experience developing and implementing IAM strategies and roadmaps.

· Experience with major IAM platforms including:

o Microsoft Active Directory

o Oracle Identity Manager

o F5 Access Policy Manager (APM)

o Optimal IDM

· A solid understanding of access control patterns including role-based access control (RBAC) and attribute-based access control (ABAC).

· Experience consulting on all phases of a full IAM lifecycle including:

o Book of record (BoR) to identity management system (IDMS) identity feeds.

o IDMS to directory and application identity provisioning.

o Application consumption of identity

· Strong written and verbal communication skills.

· Supporting communication of IAM efforts to all levels of an organization including C-Level.

· Experience with IAM governance including:

o Information security policies and procedures

o User lifecycle management (provisioning, de-provisioning, and maintenance)

o User and access recertification

· Understanding of major authentication and authorization protocols including:

o OAuth

o OpenID Connect

o SAML 2.0

o Unix/Linux authentication and authorization

· Business outcomes mindset

· Directory services design experience such as AD and AAD

· Excellent interpersonal communication skills with strong spoken and written English.

If yes to the previous question, what certification do you possess?*

Are you willing to produce a copy of your certificate?*