What you will do
We are looking for a seasoned IAM Architect with deep expertise in designing and implementing enterprise-grade identity and access management solutions. The ideal candidate will have hands-on experience with SailPoint Identity Security Cloud (ISC), Ping Identity, Microsoft Entra ID, Okta, and Privileged Access Management (PAM) platforms. This role requires a strategic thinker with strong technical skills to lead IAM architecture initiatives across hybrid and multi-cloud environments.
Roles & Responsibilities:
- Design and develop Amgen's enterprise identity and access architecture vision and strategy, ensuring alignment with business objectives
- Architect, implement and manage IAM solutions using SailPoint ISC, Ping Identity, Entra ID, Okta, and PAM tools (e.g., CyberArk, BeyondTrust).
- Accountable for designing and building customizations and configurations on the SailPoint ISC, Entra ID, and Ping environments as per business needs, including creating custom objects, integrations, fields, and workflows
- Responsible for strategizing IAM integrations while adhering to consistent integration standards and patterns, designing integration workflows, building connectors, centralizing build & run, and applying a consistent DevOps model for integrations
- Lead the design of identity lifecycle management, access governance, and role-based access control (RBAC) frameworks.
- Identify and mitigate architectural risks, ensuring that the IAM platform is scalable, secure, and resilient
- Maintain comprehensive documentation of the IAM architecture, including principles, standards, user guides, and models
- Drive continuous improvement in the architecture by finding opportunities for innovation and efficiency
- Work with stakeholders to gather and analyse requirements, ensuring that solutions meet both business and technical needs
- Drive Zero Trust and least privilege access strategies.
- Provide domain expertise in IAM to the team, offering guidance on architecture, solution design, and implementation challenges.
- Provide hands-on technical leadership in resolving complex technical issues and ensuring smooth deployment and system integration
What we expect of you
We are all different, yet we all use our unique contributions to serve patients.
Basic Qualifications:
- SailPoint Identity Security Cloud (ISC), SailPoint IIQ
- Ping Identity (PingFederate, PingAccess)
- Microsoft Entra ID (Azure AD)
- Okta Identity Cloud
- Privileged Access Management (CyberArk, BeyondTrust, or similar)
- Strong understanding of IAM protocols: SAML, OAuth2, OpenID Connect, SCIM, LDAP.
- Experience with cloud IAM and hybrid identity architectures.
- Familiarity with regulatory and compliance frameworks (e.g., SOX, HIPAA, GDPR, ISO 27001).
- Experience working in agile methodology, including Product Teams and Product Development models
- Can lead and guide multiple teams to meet techno-functional needs and goals
Preferred Qualifications:
- Certifications such as SailPoint Certified IdentityNow Architect, Okta Certified Professional, Microsoft SC-300, CISSP, CCSP or CISM.
- Experience with scripting and automation (PowerShell, Python, REST APIs).
- Knowledge of DevSecOps practices and CI/CD integration with IAM.
- Experience with Identity Governance and Administration (IGA) and Identity Risk Management.
Good-to-Have Skills:
- Good knowledge of the global pharmaceutical industry
- Understanding of GxP process
- Strong solution design and problem-solving skills
- Ability to analyze client requirements and translate them into solutions
Soft Skills:
- Excellent leadership and team management skills.
- Strong transformation and change management experience.
- Exceptional collaboration and communication skills.
- High degree of initiative and self-motivation.
- Ability to manage multiple priorities successfully.
- Team-oriented with a focus on achieving team goals.
- Strong presentation and public speaking skills.
- Excellent analytical and problem-solving skills
- Strong verbal and written communication skills
- Ability to work effectively with global, virtual teams
Shift Information:
This is a hybrid position that requires a mix of office and remote presence and may require working during later hours to align with business hours. Candidates must be willing and able to work outside of standard hours as required to meet business needs.