Architect & Govern IAM

Architect & Govern IAM Manager / Sr. Associate

Company:

Employment Type:

Location:

Role Type:

Salary Range:

Shift Timing:

Target Start Date:

Open Positions:

• Manager 1
• Senior Associate 1

Experience Required:

• Manager: 8+ years
• Senior Associate: 68 years

Xperteez Technology is hiring experienced IAM Architects to design, govern, and operate enterprise-scale Identity and Access Management (IAM) frameworks across multi-tenant environments. The role focuses on security, compliance, scalability, and identity lifecycle governance.

Key Responsibilities:

• Design and govern IAM architecture and frameworks across tenants, ensuring scalability, resilience, and compliance with enterprise identity strategy.
• Lead user and group migrations across tenants, including UPN updates, group recreation, membership validation, and lifecycle governance.
• Implement and enforce security policies including Conditional Access (CA), MFA, passwordless authentication, session controls, and RBAC across Entra tenants.
• Validate and monitor authentication protocols (OAuth2, OIDC, SAML) ensuring token integrity, encryption, and claims consistency.
• Integrate and administer hybrid Identity Providers (Okta, ADFS, Ping), supporting federation, SCIM provisioning, and claims mapping for SaaS and custom applications.
• Automate IAM operations using PowerShell and Microsoft Graph API for users, groups, app registrations, and policy enforcement.
• Manage certificate and secret lifecycles for app registrations and service principals, including secure storage, rotation, and renewal.
• Provide technical oversight and mentorship, ensuring IAM standards, secure documentation, and troubleshooting best practices.
• Collaborate with stakeholders to deliver executive-level reporting, align IAM initiatives with compliance requirements, and monitor identity health and stability.

Mandatory Skills:

• IAM Architecture & Governance
• MFA & Identity Security
• Okta
• PowerShell
• OAuth2
• IAM Migration

Nice to Have Skills:

• Tenant-to-tenant migrations
• Conditional Access (CA), RBAC
• OIDC, SAML
• Hybrid IdPs
• SCIM provisioning
• Microsoft Graph API
• Certificate & secret lifecycle management
• App registrations & service principals
• Compliance alignment & identity health monitoring

Certifications:

• Microsoft Azure Certification (Good to Have)