IAM Solution Architect
About the Job
The Identity and Access Management (IAM) Solution Architect will serve as a technical expert responsible for the design and implementation of application and enterprise platforms within the authentication and identity lifecycle space. The ideal candidate will be able to help design, monitor and maintain a world-class Privileged Access Management solution. In this role, the ideal candidate will manage standards for the organization's overall application integration, middleware interfaces and architecture. Lead the collection of business requirements and the design and development of Privileged Access Management (PAM) solutions. Architecture design, physical design and technology strategy for Privileged Access Management solutions. Assist with the development of roadmaps within the program space. Partner with other IAM architects and initiatives. Coordinate communications with internal and external teams. Participate in business process evaluation/improvement activities, requirements gathering, system analysis, system design, software/hardware applicability studies and system implementation, and execute projects based on these activities. Provide input into the technology plans for the organization, and ensure that plans for their assigned applications integrate effectively with other aspects of the technical infrastructure. Assist or lead in the definition of systems solutions to functional problems, conforming to established system architecture standards and practices. Ensure the successful transition of project deliverables to support, maintenance and operations teams.
· Lead response to RFPs, scope security programs and assist in closing sales opportunities.
· Advise clients on the security implications of compliance and regulations such as OSFI, ISO, NIST, PCI, PIPEDA, GDPR etc.
· Leverage industry-leading tools and Avanade partners to consult on the Digital Identity security domain, which may also include topics related to Identity Governance & Administration (IGA)
· Actively seek and nurture opportunities for business development.
· Actively participate in development of cyber security offerings.
· Actively lead multiple engagements simultaneously and seamlessly.
· Be the “Trusted Advisor” on best practices to protect Identity.
· Identify appropriate technology/data sources and drive the collection of data necessary to effectively evaluate threats
· Work closely with enterprise architects to identify and mitigate risks, perform security reviews, design premier security practices, and deliver strategic, innovative cloud-based security offerings
· Develop metrics that will measure current risk
· Analyze user and synthetic behaviors across identity providers to inform security decisions
· Carry out threat and risk assessments (TRAs) and develop security architecture to mitigate threats
· Support other Information Security service duties as assigned
The ideal team member will have a solid foundation across the Microsoft technology stack and Azure security offerings. You will articulate security and risk-related concepts to key stakeholders using your experience and willingness to learn the following:
· 10+ years of work experience in the Digital Identity security domain including but not limited to On-Premises, Hybrid and Cloud only models, including hands-on technical management
· MSc in Cyber-Security or a Bachelor’s degree in Computer Science/Engineering or equivalent experience plus at least 8 years of work experience
· Experience building and managing a team of security professionals
· In-depth experience in medium to complex computing environments, with advanced knowledge in security technologies and services
· Cloud Technology experience with Microsoft Azure (IaaS/PaaS/SaaS)
· Design and manage deployments of IGA tools from partners such as Microsoft, SailPoint, ForgeRock, Okta, CyberArk, Ping Identity, Saviynt.
· Implement compliance frameworks such as ISO/IEC 27001, NIST 800-53, PCI DSS, HITRUST, FedRAMP
· Integrate ILM, DAG, ITSM, SoD, and stand-alone tools to support full-featured IGA
· Extensive understanding of IAM concepts such as directory services, RBAC, SSO, federation, MFA, provisioning, access certification
· Data & analytics tools – Log Analytics, Azure Sentinel, AI/ML, Microsoft Defender for Identity
· Security architecture and design
· Solid grasp of security standard methodologies
· Proven implementation of cloud security models, particularly identity, network, and encryption
· Business case development skills for justifying, prioritizing & forecasting the funding requirements for security programs and initiatives
· Demonstrated experience in developing and implementing information security programs
· Ability to work with teams both on shore and offshore, using remote collaboration technologies
· Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change
· Deep knowledge of Azure Active Directory
· Knowledge of SAML, OpenID Connect, OAuth, JSON, SPML, SCIM, XACML integration standards.
· Experience with domain migrations and consolidations: Merger and Acquisition projects (M&A)
· Knowledge of Red Forest model (Enhanced Security Administrative Environment)
· Identity Lifecycle Management
· Good to have experience with the following Identity and Access Management products: SailPoint IdentityIQ, CyberArk, ForgeRock, Ping, Okta and Saviynt
One or more of the following:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Cloud Security Professional (CCSP)
MCSE Core Infrastructure
MCSE Cloud and Infrastructure
Avanade leads in providing innovative digital services, business solutions and design-led experiences for its clients, delivered through the power of people and the Microsoft ecosystem. Our professionals combine technology, business and industry expertise to build and deploy solutions to realize results for clients and their customers. Avanade has 29,000 digitally connected people across 23 countries, bringing clients the best thinking through a collaborative culture that honors diversity and reflects the communities in which we operate. We welcome all, and seek talented individuals who can bring their whole self to work, build inclusive teams and encourage diversity inside and outside the organization. Majority owned by Accenture, Avanade was founded in 2000 by Accenture LLP and Microsoft Corporation. Learn more at www.avanade.com.
Avanade® Is An Equal Opportunity Employer. Avanade prohibits discrimination and harassment against any employee or applicant for employment because of race, color, age, religion, sex, national origin, gender identity or expression, sexual orientation, disability, veteran, military or marital status, genetic information or any other protected status.
Avanade is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation due to a disability for any part of the employment process, please send an e-mail to Avanade at firstname.lastname@example.org or call (206) 239-5610 and let us know the nature of your request and your contact information.