About this role
Senior-level architect responsible for designing and modernizing enterprise identity security across on-prem and cloud environments, focusing on IAM/IGA/PIM, SSO, and Zero Trust.
Key Responsibilities
- Develop and maintain enterprise identity architecture blueprint across IAM/IGA/SSO/PIM
- Establish identity standards and reference architectures
- Define Zero Trust identity strategy and authentication roadmap
- Assess identity risk posture and recommend controls
- Architect identity lifecycle and governance including provisioning/deprovisioning
Technical Overview
Hands-on security architecture across AD/Entra ID, cloud identity, and multi-cloud environments; strong emphasis on lifecycle provisioning, access governance, and identity standards; extensive experience with SAML/OAuth/OIDC and modern authentication.
Ideal Candidate
The ideal candidate is a senior-level identity architecture leader with 8+ years designing and implementing enterprise IAM/IGA/PIM across on-prem and cloud environments, proficient in Entra ID/Azure AD and Zero Trust. They excel at collaborating with security, cloud, and infrastructure teams to drive modernization and regulatory compliance.
Must-Have Skills
- Eight (8) years of proven experience in large enterprise companies
- Minimum of eight (8) years in enterprise IAM/identity architecture
- Hands-on experience in IAM systems like Ping or Okta or Azure Entra ID
- Experience with IGA tools like SailPoint and Saviynt, and PIM tools like CyberArk or BeyondTrust
- Experience with multicloud identity (AWS, GCP)
- Experience driving large-scale identity modernization or cloud transformation programs
- Knowledge of regulatory frameworks like SOX, HIPAA, PCI, ISO 27001, or NIST
Nice-to-Have Skills
- Certifications in Identity and Security areas
- Mergers & Acquisitions (M&A) integration experience from a Microsoft identity security perspective
- Experience aligning Microsoft 365 security to enterprise compliance frameworks (NIST, ISO, SOC, GDPR)
Tools & Platforms
Ping, Okta, Azure Entra ID, Azure AD, SailPoint, Saviynt, CyberArk, BeyondTrust, Microsoft 365, Azure, AWS, Google Cloud Platform
Required Skills
Identity & Access Management, IAM, Identity Governance & Administration, PIM, SSO, Zero Trust, Active Directory, Entra ID, Azure AD, RBAC, ABAC, SAML, OAuth, OIDC, WSFed, Passwordless, FIDO2, Just-in-Time access, Privileged Access Management, Provisioning, Deprovisioning
Hard Skills
Identity & Access Management (IAM), Identity Governance & Administration (IGA), Privileged Identity Management (PIM), Single Sign-On (SSO), Cloud Identity, Active Directory, Entra ID (Azure Active Directory), Zero Trust, MFA, Conditional Access, SAML, OAuth, OIDC, WS-Federation, RBAC, ABAC, Just-in-Time access, Privileged Access Management, AAD Connect, Passwordless, FIDO2, Identity lifecycle management, Provisioning / Deprovisioning
Soft Skills
Executive communication, Cross-functional collaboration, Stakeholder management, Mentorship, Problem-solving, Strategic thinking
Certifications
Preferred
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CISA (Certified Information Security Auditor)
Keywords for Your Resume
Sr. Enterprise Identity Architect, Identity & Access Management, IAM, Identity Governance & Administration, IGA, Privileged Identity Management, PIM, Single Sign-On, SSO, Zero Trust, Active Directory, Entra ID, Azure Active Directory, Azure AD, Microsoft Entra ID, Multicloud identity, AWS, Amazon Web Services, GCP, Google Cloud Platform, RBAC, ABAC, Just-in-time access, Privileged Access Management, SAML, OAuth, OIDC, WS-Federation, Passwordless, FIDO2, Device identity, Workload identity, Identity lifecycle management, Provisioning, Deprovisioning, MFA
Deal Breakers
- Less than 8 years of enterprise IAM/identity architecture experience
- No hands-on experience with Ping, Okta, or Entra ID
- Lack of multicloud identity experience (AWS or GCP)