IAM Architect

United States, Philadelphia Employment contract · Job Posted June 09, 2026

Job Description

Aramark is modernizing its enterprise identity environment to support scalable, secure access across workforce, non-human, and emerging automation use cases. We are looking for an Identity Architect who can simplify complex identity challenges, define practical governance and authorization patterns, and help shape the future direction of enterprise identity capabilities. This role is a senior individual contributor position that partners across architecture, engineering, operations, and security teams to guide identity strategy, federation design, access models, and modernization efforts in a large-scale enterprise environment.

Job Responsibility

  • Develop enterprise authorization patterns across RBAC, ABAC, and policy-driven access models to improve consistency, scalability, and long-term adaptability
  • Shape identity governance architecture and support modernization efforts across lifecycle management and enterprise access capabilities
  • Establish governance patterns for non-human identities, including service accounts, APIs, and automation workflows
  • Lead the architectural direction for enterprise federation and access patterns across PingFederate, PingAccess, Entra ID, and related identity platforms
  • Define scalable SSO, federation, trust, and access design patterns for application onboarding and modernization efforts
  • Partner with IAM leadership, engineering, operations, and security teams to guide long-term identity architecture and modernization decisions
  • Translate identity strategy into practical design patterns, governance models, and implementation guidance
  • Produce architecture standards, design artifacts, and decision frameworks that improve consistency across the identity ecosystem

Requirements

  • Strong hands-on experience with Identity and Access Management (IAM), including identity governance, access controls, authentication, authorization, privileged access management, and enterprise IAM architecture
  • Strong experience designing identity governance, authorization, federation, and lifecycle management patterns in complex enterprise environments
  • Experience with SailPoint ISC or IIQ, including governance architecture and enterprise IAM transformation initiatives
  • Strong understanding of RBAC, ABAC, policy-driven access models, and modern identity governance concepts
  • Strong experience with federation and enterprise access architecture, including practical design experience with Ping Identity platforms such as PingFederate and PingAccess
  • Ability to translate complex identity challenges into scalable, pragmatic architectural approaches
  • Experience working in SOX-controlled or other highly regulated environments

Nice to have

  • Experience with non-human identity governance patterns, including service accounts, APIs, automation identities, or secrets management
  • Experience contributing to enterprise IAM modernization or identity operating model evolution initiatives
  • Experience with SailPoint IIQ-to-ISC migration or similar identity governance platform modernization efforts
  • Experience with Ping Identity platforms such as PingFederate, PingAccess, and PingDirectory in complex enterprise environments
  • Familiarity with cloud transformation, automation platforms, or identity-centric security models

What we offer

  • Medical
  • Dental
  • Vision
  • Work/life resources
  • Retirement savings plans like 401(k)
  • Paid days off such as parental leave and disability coverage
  • Generous PTO
  • Vacation and 9 paid holidays
  • Volunteer days
  • Community partnerships
  • Employee Assistance Program
  • Employee discounts on select services and products
  • Your choice of three medical plan tiers
  • Two carriers to choose from
  • My Healthy Changes well-being program
  • Adoption Assistance
  • Paid Parental Leave
  • Tuition Funding Sources
  • Scholarship Programs
  • Retirement plan (401K or SIRP for those eligible) with match on annual contributions

Similar Jobs for IAM Architect

8 matching positions

IAM Architect

The IAM Architect will be responsible for defining, designing, and governing ent...
Location: Netherlands, Amsterdam
Salary: Not provided
Company: Levy Professionals
Expiration Date: Until further notice
Requirements
  • Extensive experience within IAM / Identity Security architecture
  • Strong understanding of IAM standards and protocols such as SAML, OAuth, and FIDO2
  • Hands-on architecture experience with enterprise IAM platforms (e.g. SailPoint, Ping Identity, CyberArk)
  • Experience with Azure AD / Entra ID, hybrid identity, and federation
  • Expertise in PAM architecture and privileged access security
  • Experience with RBAC and large-scale role engineering
  • Familiarity with ITDR and identity threat analytics
  • Experience working in complex, regulated enterprise environments
  • Strong stakeholder management and communication skills
  • Experience with TOGAF or similar enterprise architecture methodologies
Job Responsibility
  • Define and govern enterprise IAM architecture and strategy
  • Design scalable identity and access models, including RBAC and role engineering
  • Develop conceptual, logical, and physical IAM architectures and standards
  • Drive secure hybrid identity and federation solutions
  • Support Privileged Access Management (PAM) architecture initiatives
  • Align IAM capabilities with security, compliance, and business requirements
  • Contribute to large-scale IAM transformation programs
  • Collaborate with engineering, security, compliance, and business stakeholders
  • Ensure alignment with relevant regulatory and security frameworks
Fulltime

IAM Architect

IAM Architect for Toronto, ON - Hybrid role.
Location: Canada, Toronto
Salary: 140000.00 USD / Year
Company: Realign
Expiration Date: Until further notice
Requirements
  • 10 years in IAM space with 3 years in an Architect Role
  • 5 years of experience working within CIAM space (ForgeRock, Okta, Ping Identity etc.)
  • 3 years of hands-on experience with ForgeRock platform (SaaS or On-Prem)
  • Strong understanding of product capabilities
  • Strong understanding of various MFA technologies along with the pros and cons of each
  • Experience developing and documenting CIAM directives, standards and policies
  • Experience with designing and implementing authentication and credential management flows based on channel requirements
  • Experience in scoping, sizing and prioritizing solutions for a project
Job Responsibility
  • Responsible for the architecture and design of new features capabilities (ForgeRock Ping)
  • Review the business requirements (the what) provided by the IAM Product team and provide the overall architectural design (the how) to the IAM Engineering team to build into the IAM service
  • Provide required design artifacts to key stakeholders which clearly outlines the solution, components involved, key decisions, and time and cost estimates
  • Closely collaborate with IAM Engineering partners in all aspects of the design and ensure alignment and synergy regarding proposed solution
  • Evaluate new authentication capabilities introduced into the ever-changing IAM landscape and account for what is applicable into proposed designs (short-term and long-term)
  • Partner with various cross functional architect teams (IAM, security, business channel, fraud) to solidify design approach which aligns with best practices and strategic direction of the platform
  • Collaborate with stakeholders across the Bank - technology, security architecture, security advisory, fraud, compliance and business channel teams to provide enterprise grade solutions which meet the business and security requirements
  • Represent the CIAM Architecture team on various governance boards by providing both expertise and the required artifacts necessary to ensure stakeholder approval
  • Design based on strong CIAM expertise that aligns with industry standards (FIDO, OIDC, OAUTH), best practices (MFA, NIST 800-63B) and a forward-looking mentality (Passkeys, VCs, DIDs)
Fulltime

Active Directory/Azure AD-Senior Identity & Access Management (IAM) Architect

Location: United States, Plano
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Minimum 8 years of relevant experience in architecture, designing solutions, and migrating Active Directory, Entra ID, Windows & endpoints
  • Strong demonstrated experience with Active Directory migration tool or equivalent and consolidation of Global Forest and Domains
  • Hands on experience in successful consolidation of AD Forests and Domains
  • Must have strong hands-on experience working on Entra ID (Azure Active Directory)
  • Extensive experience working as Entra ID admin for enterprise Active Directory setup and maintenance
  • Strong experience in AD Trusts, two-way Trusts and one-way Trusts and deep knowledge of Active Directory Schemas and meta data
  • Strong Knowledge on Entra ID Identity Management & Integration with on premise
  • Strong knowledge of Entra ID technologies, including authentication models, federation, Multifactor Authentication (MFA), conditional access policies and other relevant capabilities
  • Knowledge of best practices in AD/Azure Privileged access management and modern AD/Azure Secured Administration practices
  • Strong hands-on experience in coding in PowerShell scripting
Job Responsibility
  • Active Directory designing, Architecture Solutions, Integration with platforms & Applications
  • Develop an architecture of directory solutions for Windows, Unix, and related platforms
  • Experience in consolidations of multiple forest and domains and demonstrated understanding on User accounts, machine accounts, GPOs
  • Understand the requirement and create a migration plan for any services i.e. DNS, DHCP, and Certificate Services (PKI) etc.
  • Analyze the requirement and design a solution to fulfil the requirement with zero impact to other platforms
  • Develop PowerShell scripts with AD modules or VB .NET based on the requirements
  • Manage Azure Active Directory design, Architect Solutions, Integration with platforms & Applications and AD connector to Entra
  • Auditing the security logs and integrating with SIEM
  • Conducting POC with multiple vendors for AD solutions and prepare detailed test cases. Create a clear recommendation document with pros and cons for senior management
  • Vulnerability Assessment and Management related to Active Directory, DNS & Windows platforms

Senior Identity & Access Management (IAM) Architect

Location: United States, Plano
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Minimum 8 years of relevant experience in architecture, designing solutions, and migrating Active Directory, Entra ID, Windows & endpoints
  • Strong demonstrated experience with Active Directory migration tool or equivalent and consolidation of Global Forest and Domains. Hands-on experience in successful consolidation of AD Forests and Domains
  • Must have strong hands-on experience working on Entra ID (Azure Active Directory)
  • Extensive experience working as Entra ID admin for enterprise Active Directory setup and maintenance
  • Strong experience in AD Trusts, two-way Trusts and one-way Trusts and deep knowledge of Active Directory Schemas and meta data
  • Strong Knowledge on Entra ID Identity Management & Integration with on premise
  • Strong knowledge of Entra ID technologies, including authentication models, federation, Multifactor Authentication (MFA), conditional access policies and other relevant capabilities.
  • Knowledge of best practices in AD/Azure Privileged access management and modern AD/Azure Secured Administration practices
  • Strong hands-on experience in coding in PowerShell scripting
  • Strong Knowledge on IAM disciplines like PIM and Privilege Administrative Accounts PAM solutions such as CyberArk
Job Responsibility
  • Active Directory designing, Architecture Solutions, Integration with platforms & Applications
  • Develop an architecture of directory solutions for Windows, Unix, and related platforms
  • Experience in consolidations of multiple forest and domains and demonstrated understanding on User accounts, machine accounts, GPOs
  • Understand the requirement and create a migration plan for any services i.e. DNS, DHCP, and Certificate Services (PKI) etc.
  • Analyze the requirement and design a solution to fulfil the requirement with zero impact to other platforms
  • Develop PowerShell scripts with AD modules or VB .NET based on the requirements
  • Manage Azure Active Directory design, Architect Solutions, Integration with platforms & Applications and AD connector to Entra
  • Auditing the security logs and integrating with SIEM
  • Conducting POC with multiple vendors for AD solutions and prepare detailed test cases. Create a clear recommendation document with pros and cons for senior management
  • Vulnerability Assessment and Management related to Active Directory, DNS & Windows platforms
Fulltime

Staff IAM Architect

We are currently seeking a Sr. IAM Architect to join our growing Information Sec...
Location: Canada
Salary: Not provided
Company: Addepar
Expiration Date: Until further notice
Requirements
  • 8+ years of general Information Security experience
  • At least 5 years focused on Identity & Access Management
  • Bachelor’s degree/equivalent or higher (Computer Science or Engineering preferred)
  • In-Depth Experience with Identity & Access Management tools
  • Familiar with IT Governance and Compliance functions (SOC2, Data Governance)
  • Familiar with Security Operations Center (SOC) and Vulnerability management functions
  • Skilled at developing process maps and translating processes to technical/system requirements
  • Attention to details and analytical skills
  • Ability to build strong relationships and work collaboratively
  • Excellent verbal and written communication and organisational skills
Job Responsibility
  • Provide strategic direction on the overall maturity of the internal IAM program
  • Improve Data Quality in upstream and downstream systems (HRIS, IGA, IDP, Productivity Tools)
  • Lifecycle Management (Joiners, Movers and Leavers)
  • Governance such as Entitlement Reviews and proper inventory management of identities
  • Enhancing IAM Monitoring with a focus on Non-Human Identities (NHID)
  • Identity Governance & Administration (IGA) platform Enhancements
  • Assist with the Production Readiness process for IAM related queries and needs
  • Analysis and Understanding of access requirements, internal process & systems flows, client expectations, security policies to enforce least privileged access
  • Solution new processes and/or technologies to improve overall security posture
  • Assist with development and refinement of Information Security Policies & Standards
Fulltime

Staff IAM Architect

We are currently seeking a Sr. IAM Architect to join our growing Information Sec...
Location: United States
Salary: 137000.00 - 214000.00 USD / Year
Company: Addepar
Expiration Date: Until further notice
Requirements
  • 8+ years of general Information Security experience
  • At least 5 years focused on Identity & Access Management
  • Bachelor’s degree/equivalent or higher
  • Computer Science or Engineering related education preferred
  • In-Depth Experience with Identity & Access Management tools
  • Familiar with IT Governance and Compliance functions, including SOC2 and Data Governance
  • Familiar with Security Operations Center (SOC) and Vulnerability management functions
  • Skilled at developing process maps, and translating processes to technical / system requirements
  • Attention to details and analytical skills
  • Ability to build strong relationships and work collaboratively
Job Responsibility
  • Provide strategic direction on the overall maturity of the internal IAM program
  • Improve Data Quality in upstream and downstream systems (e.g. HRIS, IGA, IDP, Productivity Tools)
  • Lifecycle Management (e.g. Joiners, Movers and Leavers)
  • Governance such as Entitlement Reviews and proper inventory management of identities
  • Enhancing IAM Monitoring with a focus on Non-Human Identities (NHID)
  • Identity Governance & Administration (IGA) platform Enhancements
  • Assist with the Production Readiness process to assist with IAM related queries, needs and assist stakeholders
  • Analysis and Understanding of access requirements, internal process & systems flows, client expectations, security policies, etc. to enforce a least privileged access model
  • Solution new processes and/or technologies to improve the overall security posture
  • Assisting with the development and refinement of Information Security Policies & Standards
What we offer
  • bonus
  • equity
  • benefits
  • reasonable accommodation for individuals with disabilities
  • flexible workforce model
Fulltime

Senior Information Security Architect - Cloud IAM

We are seeking a highly skilled Senior IAM Security Architect to join our inform...
Location: United States
Salary: 148600.00 - 198200.00 USD / Year
Company: First American Financial
Expiration Date: Until further notice
Requirements
  • 7+ years of experience in IAM security, including at least 5 years of experience in IAM risk assessment, threat modeling, and security control design
  • Preferred Certified Information Systems Security Professional (CISSP) or Certified Identity and Access Manager (CIAM) or other relevant IAM/security certification
  • Proven expertise in implementing and securing IAM solutions in cloud environments such as AWS, Azure, and Entra ID
  • In-depth knowledge of IAM security best practices, identity governance, and access management policies
  • Hands-on experience in conducting security risk assessments and threat modeling for IAM systems
  • Demonstrated experience in establishing least privilege access and implementing Just-in-Time (JIT) access controls across cloud and on-premises environments
  • Expertise in implementing and managing a Zero Trust security posture for IAM, with hands-on experience in identity validation, continuous authentication, and risk-based access controls
  • Strong expertise with IAM platforms such as Microsoft Entra ID (Azure AD), AWS IAM, Azure Active Directory
  • Experience with cloud security, integrating IAM systems with AWS, Azure, and hybrid environments
  • Strong understanding of IAM security controls, including role-based access control (RBAC), attribute-based access control (ABAC), policy enforcement, and Just-in-Time (JIT) provisioning
Job Responsibility
  • Participate in the design of secure IAM architectures across multiple platforms (AWS, Azure, Entra ID), ensuring all components align with best practices and organizational security requirements
  • Design security controls for IAM, including user authentication, authorization, role management, identity federation, and privilege management across cloud and hybrid environments
  • Lead the design and evolution of CIAM architecture that supports secure, scalable, and customer-centric identity services across web, mobile, and API-based platforms
  • Establish and maintain a Zero Trust security model for IAM, ensuring that all access requests are continuously verified, regardless of location or network
  • Integrate Zero Trust principles with cloud-native security tools and IAM platforms (e.g., AWS, Azure, Entra ID) to ensure seamless, secure, and dynamic access control
  • Automate risk-based access controls and adaptive authentication based on behavioral signals, ensuring a dynamic response to security events
  • Establish and enforce least privilege access principles for all roles across cloud and on-prem environments, ensuring users only have the minimal access necessary to perform their job functions
  • Design and implement Just-in-Time (JIT) access control mechanisms to dynamically grant access based on user needs, significantly reducing standing permission sets
  • Design SSO solutions that provide seamless and secure access to enterprise applications, ensuring a frictionless user experience while maintaining high security standards
  • Lead the adoption of modern authentication protocols (e.g., OAuth 2.0, OpenID Connect, SAML) for secure, scalable, and standardized access management across applications and systems
What we offer
  • medical
  • dental
  • vision
  • 401k
  • PTO/paid sick leave
  • employee stock purchase plan
Fulltime

IAM Lead Architect

Join us as an IAM Lead Architect - IAM is a fast moving and strategic defence for...
Location: United Kingdom, Knutsford
Salary: Not provided
Company: Barclays
Expiration Date: Until further notice
Requirements
  • Understanding of Identity management and security principles
  • Knowledge of PAM / AM / LAM
  • Experience of designing and implementing a new IGA platform
  • Understanding of Zero Trust and Security Architecture
Job Responsibility
  • Design and development of solutions as products that can evolve, meeting business requirements that align with modern software engineering practices and automated delivery tooling. This includes identification and implementation of the technologies and platforms
  • Targeted design activities that apply an appropriate workload placement strategy and maximise the benefit of cloud capabilities such as elasticity, serverless, containerisation etc
  • Best practice designs incorporating security principles (such as defence in depth and reduction of blast radius) that meet the Bank’s resiliency expectations
  • Solutions that appropriately balance risks and controls to deliver the agreed business and technology value
  • Adoption of standardised solutions where they fit. If no standard solutions fit, feed into their ongoing evolution where appropriate
  • Fault finding and performance issues support to operational support teams, leveraging available tooling
  • Solution design impact assessment in terms of risk, capacity and cost impact, inc. estimation of project change and ongoing run costs
  • Development of the requisite architecture inputs required to comply with the Bank’s governance processes, including design artefacts required for architecture, privacy, security and records management governance processes
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
Fulltime