Your responsibilities will include:
Solution Design and Architecture
Design Access Management Systems:
Architect scalable and secure access management solutions that support business needs, including designing SSO, MFA, Identity Federation, RBAC, and PAM.
Integration Planning:
Design the integration of AM with the existing IT infrastructure, applications (both on-prem and cloud), and third-party services.
Security Frameworks:
Establish security protocols and frameworks for authentication, authorization, and identity management. Define security controls, such as encryption, tokenization, and identity federation standards (SAML, OAuth, OpenID Connect).
Cloud and Hybrid Solutions: Architect AM solutions for both- on-premises and cloud environments, ensuring seamless management of user identities across hybrid environments (e.g., AWS, Azure, or Google Cloud).
Requirements Gathering and Analysis
Collaborate with business stakeholders (e.g., IT, security, compliance teams, and end-users) to understand AM requirements and ensure the architecture meets functional and non-functional needs.
Access Control Models
Develop and define role-based, attribute-based, and policy-based access models, aligning user roles, permissions, and responsibilities with business objectives.
System Integration
Identity Providers & Directories:
Design integrations with Identity Providers such as PingOne Advanced Identity Cloud, Microsoft EntraID, ForgeRock (PingIDM, PingAM, PingDS), LDAP, or other directory services, integrating with both internal and external identity sources.
SSO and MFA: Architect and implement solutions for SSO and MFA across systems and applications.
Federation & External Identities:
Implement identity federation and manage integrations with external identity providers for third-party authentication.
API Security:
Architect access management solutions that include secure API access and token management using OAuth, OpenID Connect, and similar technologies.
Risk and Security Management
Security Risk Assessment: Conduct risk assessments to identify potential vulnerabilities within AM systems and design systems to mitigate risks, including enforcing least-privilege access and strong authentication mechanisms.
Incident Management:
Define processes for responding to access-related security incidents, such as unauthorized access attempts, privilege escalation, and identity theft.
Audit & Monitoring: Design and implement audit and monitoring systems to track access requests, user permission changes, and suspicious activities. Work with security operations to ensure logs and reports are generated for compliance and troubleshooting.
Technology Evaluation and Vendor Management
Tool Selection and Evaluation:
Evaluate, select, and recommend the best AM tools and platforms (e.g., IAM solutions, MFA solutions, SSO platforms) to align with organizational needs and security requirements.
Vendor Management: Collaborate with third-party vendors to integrate commercial tools and services, ensuring they meet the organizations security and compliance needs.
Proof of Concept (PoC):
Lead or participate in PoCs for new tools or technologies to evaluate their effectiveness in meeting the organizations requirements.
Collaboration and Cross-functional Engagement
Stakeholder Communication:
Collaborate with senior leaders, security architects, business stakeholders, and IT teams to communicate architecture designs, timelines, and strategies for implementing AM solutions.
Cross-functional collaboration: Work closely with application development, network, security, and infrastructure teams to ensure the AM architecture integrates seamlessly with other systems.
End-User Experience:
Ensure AM solutions are user-friendly, promoting a seamless user experience while maintaining strong security standards.
Performance and Optimization
System Performance: Optimize AM systems, ensuring they scale efficiently as the organization grows and the number of applications and users increases.
High Availability & Disaster Recovery: Design AM solutions with high availability, failover, and disaster recovery mechanisms to ensure minimal downtime and resilience.
Documentation and Knowledge Sharing
Architecture Documentation:
Create comprehensive documentation for the AM, design decisions, system configurations, and implementation guides.
Best Practices and Standards: Establish and promote best practices, coding standards, and operational guidelines related to AM, ensuring consistency across the organization.
Training and Knowledge Transfer: Provide training and knowledge transfer to teams responsible for maintaining and operating the AM systems post-implementation.
Continuous Improvement
Stay Current:
Keep up with IAM industry trends, security threats, and new technologies. Evaluate emerging solutions such as decentralized identity management, biometrics, and AI-driven access controls.
Innovation and Enhancement: Continuously improve the AM architecture by integrating new capabilities, enhancing security features, and reducing friction for end users.
Lets turn the spotlight onto you
You will need wide-ranging experience to succeed as a Senior Technical Architect (IAM) at SDG.
Authentication standards and technologies:
Proficiency with IAM solutions like SAML2.0, OAuth2.0, OpenID Connect, MFA, adaptive authentication, risk-based authentication, password-less authentication, certificate-based authentication, Kerberos authentication, etc., as well as cloud-based IAM solutions like PingOne Advanced Identity Cloud, Microsoft EntraID, PingOne, Okta, etc.
Access management solutions:
Strong understanding of IAM practices and AM solutions & extensive experience with PingOne Advanced Identity Cloud, ForgeRock (PingIDM, PingAM, PingDS), Microsoft EntraID, PingFederate, PingOne, Okta, etc.
Cloud environments:
Experience designing and implementing IAM solutions in cloud environments (e.g., AWS, Azure, GCP).
Security knowledge: Deep understanding of security principles, encryption, threat modeling, and vulnerability management.
Leadership skills: Strong leadership skills, including team management, conflict resolution, and mentoring.
Communication skills:
Strong ability to explain complex technical solutions effectively to technical and non-technical stakeholders.
Critical thinking skills: Strong analytical and troubleshooting skills for resolving issues.
Education and experience:
A technology degree and 12 to 15 years of experience in IAM. At least 3 years in a technical architecture or leadership role. A master's degree or specialized certification in IAM or security is a plus.
