Workforce Identity and Access Management Architect

Cloud Security Services is currently looking foran experiencedWorkforce Identity and Access Management(IAM) Solution Architect & Engineerforour client.Ourclient requires an experiencedWorkforceIdentity and Access Management(IAM) SolutionArchitect& Engineerto developsolutionpatternsto onboard / migrate / convert applications to the client’s target stateworkforce IAM architecture.The right candidate must haveastrongbackgroundin designingIAMarchitecturefor large,complexand globalIAMenvironmentsthat includes operational technology.This is a 3-month remote project.

Responsibilities:

• Development ofomni-channel (Digital, Voice, Paper)standard patterns based onthe target stateIAM solution architecture and eco-system for client workforcemembers
• Continue to drive workforce IAM solution architecture and scoping of engineering design and scoping to support the transformationinitiative
• Create engineering diagrams to support the overall solutionarchitecture
• Provide infrastructure-as-code examples to support the engineeringdiagrams
• Maintain and update the overall solutionarchitecture
• Assist in building application consumption inventories and identify inventory and use cases for other IAM assets that are "unknown"
• Solution Architecture and Engineering Diagrams for technical discovery and integration with other systems (e.g., CMDB and ITSM)
• Support the development of basic use cases / role models for Day 1 (Birthright) access
• Create engineering diagrams for implementation intoIDMS
• Solution Architecture Updates to Reflect Contractor Authoritative Decision
• Support the implementation for target state digital identity records for employees, contractors androbots
• Provide access management architecture and engineeringservices
• Support the architecture and engineering for IDMS compliance across businesssectors
• Support architecture and engineering for enhancing access recertifications for better end userexperience
• Support AD / AAD architecture and engineering requirements
• Covers the following pattern categories forIAM;
• Registration / Onboarding
• Authorization
• Third-party Service/API Access & Authorization
• Invitation-Based User Registration
• User Access Delegation
• User De-provisioning
• Helpdesk Processes
• Evaluation of current processes against the defined industry and leading practices including industry standards such as the National Institute for Standards and Technology (NIST) Special Publication (SP) 800-63; Digital Authentication, NIST Cybersecurity Framework (CSF) and NIST SP 800-53; Security and Privacy Controls

Required Skills:

• Senior and experiencedIAM Architect(5-7 years)in creatingsolutionarchitectureand engineering(design pattern diagrams)
• Good understanding ofIAM
• Intimately familiar with IAM related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth
• Strong experience with Directories, SSO, Federation, Delegated administration, API gateways, SOA services
• Experience withApp Gateways,App Proxies
• Good understanding of MFA, PAM and Risk Based Authentication
• Deep technical understanding of IAM solutions across multiple vendors. Like Microsoft,Oktaand Quest
• Experience with NIST SP800-63 Digital Authentication Standard
• Ability to work acrossteams

Preferred Skills:

• Business outcomes mindset
• Directory services design experience such as AD and AAD
• Excellent interpersonal communication skills with strong spoken and written English
• Scripting experience
• Collaborative team worker
• Flexibility to accommodate working across different time-zones