Cloud Security Services is looking for an experienced Identity and Access Management (IAM) Solution Architect to assist Client with a multi-year IAM transformation initiative.
Candidate must have a strong background in designing IAM architecture for large, complex environments.
This is a 6-month remote project.

Responsibilities
- Support of omni-channel (Digital, Voice, Paper) standard patterns based on the target state IAM solution architecture and eco-system for client workforce members.
- Drive workforce IAM solution architecture and the scoping of engineering design to support the transformation initiative.
- Create engineering diagrams to support the overall solution architecture.
- Maintain and update the overall solution architecture.
- Solution Architecture and Engineering Diagrams for technical discovery and integration with other systems (e.g., CMDB and ITSM).
- Support the development of basic use cases / role models for Day 1 (Birthright) access.
- Create engineering diagrams for implementation into IDMS.
- Support the implementation of target state digital identity records for employees, contractors, and robots.
- Provide access management architecture and engineering services.
- Support the architecture and engineering for IDMS compliance across business sectors.
- Support architecture and engineering for enhancing access recertifications for better end user experience.
- Support AD / AAD architecture and engineering requirements.
- Covers the following pattern categories for IAM:
  o Registration / Onboarding
  o Authentication
  o Authorization
  o Third-party Service / API Access & Authorization
  o Invitation-Based User Registration
  o User Access Delegation
  o User De-provisioning
  o Helpdesk Processes
  o Omnichannel Services "Overlay"
  o Directory abstraction
  o Multi-factor authentication
- Evaluation of current processes against the defined industry and leading practices, including industry standards such as the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-63: Digital Authentication, NIST Cybersecurity Framework (CSF) and NIST SP 800-53: Security and Privacy Controls.

Required Skills
- 7-10 years’ experience working in the Identity and Access management (IAM) information security space in an architecture capacity.
- 5-7 years’ experience with the following:
  o Workforce IAM
  o Consumer IAM (CIAM)
  o Federation and single sign-on (B2B and B2C)
  o National Institute of Standards and Technology (NIST) 800-53
  o NIST 800-63
  o NIST Cybersecurity Framework (CSF)
- Experience creating high and low level IAM architecture patterns.
- Experience developing and implementing IAM strategies and roadmaps.
- Experience with major IAM platforms including:
  o Microsoft Active Directory
  o Microsoft Azure Active Directory
  o Oracle Identity Manager
  o F5 Access Policy Manager (APM)
  o Optimal IDM
- A solid understanding of access control patterns including role-based access control (RBAC) and attribute-based access control (ABAC).
- Experience consulting on all phases of a full IAM lifecycle including:
  o Book of record (BoR) to identity management system (IDMS) identity feeds.
  o IDMS to directory and application identity provisioning.
  o Application consumption of identity
- Strong written and verbal communication skills.
- Supporting communication of IAM efforts to all levels of an organization including C-Level.
- Experience with IAM governance including:
  o Information security policies and procedures
  o User lifecycle management (provisioning, de-provisioning, and maintenance)
  o User and access recertification
- Understanding of major authentication and authorization protocols including:
  o OAuth
  o OpenID Connect
  o SAML 2.0
  o Kerberos NTLM Authentication
  o Unix / Linux authentication and authorization
- Business outcomes mindset
- Directory services design experience such as AD and AAD
- Excellent interpersonal communication skills with strong spoken and written English.
- Scripting experience
- Implementation experience
- Collaborative team worker