Identity Security Architect Role
Job Description:
* We are seeking an experienced Identity Security Architect to contribute to the security design, implementation, operation and maintenance of our Identity and Access Management service and related technologies.
Key Responsibilities:
* Provide design and architecture guidance for enterprise-level security initiatives, system integration, and tools within the Identity and Access Management (IAM) domain.
* Serve as the technical lead for enterprise-class IAM security initiatives.
* Develop security design patterns and architectural models that ensure repeatable, consistent architecture for IAM capabilities and related technologies.
* Establish information security best practices and architectural models to ensure compliance with enterprise-wide security policies and standards in the IAM space.
* Act as a business liaison and lead advisor to multiple business units.
* Lead operations and maintenance of key cybersecurity capabilities and services across multiple technologies.
* Stay informed on the evolving cybersecurity threat landscape to drive innovative solutions that enhance our security posture.
* Resolve issues and incidents through highly complex root cause analysis, followed by the development and implementation of strategic solutions.
* Translate complex security concepts into business-friendly language to facilitate stakeholder understanding and alignment.
Requirements:
* Bachelor's Degree in a related field.
* 6 years of previous related experience in the IAM domain with solid performance in an architect role working with cross-functional teams.
* Expertise in security concepts for identity and access management.
Preferred Qualifications:
* Experience designing and implementing secure Active Directory and Entra ID solutions.
* Knowledge of Active Directory authentication features (Kerberos, NTLM, LDAP).
* Experience with Active Directory security best practices (e.g. Privileged Access Management, credential theft mitigations, tiering model design).
* Knowledge of common attack vectors and methods such as pass the hash, pass the ticket, ransomware, kerberoasting.
* Experience with Active Directory capabilities (FSMO roles, schema management, trusts, replication, and Group Policy) and with Active Directory troubleshooting (AD replication, service health checks, advanced troubleshooting).
* Working knowledge of the IAM services of any public cloud provider (Azure, AWS, GCP) is a plus.
* Understanding of modern IAM solutions (e.g. MFA, authentication strengths, conditional access policies, PIM, External Identity, Entra ID Application Proxy, SSO, application integrations).
* Understanding of identity providers using SAML, OAuth, or OpenID Connect.
* Experience in IAM engineering, building and maintaining security controls.
* Experience implementing industry good practices (e.g. NIST, ISO 2700x, SANS) preferred.
* Experience and/or understanding of at least 3 cybersecurity domains (e.g. platform security, application security, network security, infrastructure, cloud security, data security and identity and access management).
* Working knowledge of threat modeling (STRIDE) preferred.
* Certifications in a related discipline (e.g. CEH, CISM, CISSP) preferred.
* Proficient analytical and problem-solving abilities to identify and mitigate potential identity security risks.
* Substantial knowledge and understanding of cybersecurity principles.
* Experience drafting technical documentation.
* Excellent verbal and written communication skills and customer-focused skills.
* Ability to interact professionally with all organizational levels and proactively escalate issues to appropriate levels of management in the organization.
* Ability to manage competing priorities in a fast-paced environment.
* Strict attention to detail.
* Good organization and time management skills.
* Ability to partner and facilitate security operations, incident response and forensic analysis when required.