CrawlJobs Logo

Senior IAM Architect

India, Bangalore Employment contract, B2B · Job Posted June 29, 2026
Apply Position
Job Link Share

Job Description

The Senior IAM Architect will define and deliver enterprise identity strategy and architecture, lead SailPoint IGA and CyberArk PAM design and integrations, architect Entra ID identity and conditional access models, and own PKI and certificate lifecycle strategy. This role partners with Security, Cloud, DevOps, and Application teams to ensure identity‑centric, auditable, and automated controls across the organization.

Job Responsibility

  • Define IAM target state, roadmaps, and standards covering IGA, PAM, Access Management, and PKI
  • produce architecture artifacts and governance models
  • Design role models, entitlement mappings, connector strategy, reconciliation, and certification campaigns
  • guide complex integrations with HR and business applications
  • Architect vault topology, privileged session controls, credential rotation, and onboarding patterns for service and privileged accounts
  • Design Entra ID/Azure AD identity flows, conditional access, B2B/B2C scenarios, and hybrid sync patterns
  • align cloud IAM across Azure, AWS, and GCP
  • Define PKI trust model, certificate issuance/renewal automation, and integration with DevOps pipelines and service identities
  • Drive SCIM/SAML/OIDC connector automation, Terraform/IaC for identity infrastructure, and scripting to reduce manual provisioning
  • Ensure audit readiness, lead access review programs, and translate regulatory requirements into technical controls
  • Lead technical teams, review designs, and mentor L1–L3 engineers to raise operational maturity

Requirements

  • Proven hands‑on experience with SailPoint and CyberArk implementations
  • Deep expertise in Entra ID / Azure AD, identity federation, conditional access, and hybrid identity patterns
  • Strong knowledge of PKI design and certificate lifecycle automation
  • Proficiency with identity protocols SCIM, SAML, OAuth/OIDC, and automation tools PowerShell, Python, Terraform
  • Experience with ITSM (ServiceNow), CI/CD integration, and audit evidence delivery.

Nice to have

  • Certifications: SailPoint, CyberArk, Microsoft Identity/Entra, CISSP
  • Experience integrating HR systems (Workday) and securing cloud native workloads (Kubernetes RBAC, secrets management)

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior IAM Architect

8 matching positions

Senior Information Security Architect - Cloud IAM

We are seeking a highly skilled Senior IAM Security Architect to join our inform...
Location
Location
United States
Salary
Salary:
148600.00 - 198200.00 USD / Year
firstam.com Logo
First American Financial
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in IAM security, including at least 5 years of experience in IAM risk assessment, threat modeling, and security control design
  • Preferred Certified Information Systems Security Professional (CISSP) or Certified Identity and Access Manager (CIAM) or other relevant IAM/security certification
  • Proven expertise in implementing and securing IAM solutions in cloud environments such as AWS, Azure, and Entra ID
  • In-depth knowledge of IAM security best practices, identity governance, and access management policies
  • Hands-on experience in conducting security risk assessments and threat modeling for IAM systems
  • Demonstrated experience in establishing least privilege access and implementing Just-in-Time (JIT) access controls across cloud and on-premises environments
  • Expertise in implementing and managing a Zero Trust security posture for IAM, with hands-on experience in identity validation, continuous authentication, and risk-based access controls
  • Strong expertise with IAM platforms such as Microsoft Entra ID (Azure AD), AWS IAM, Azure Active Directory
  • Experience with cloud security, integrating IAM systems with AWS, Azure, and hybrid environments
  • Strong understanding of IAM security controls, including role-based access control (RBAC), attribute-based access control (ABAC), policy enforcement, and Just-in-Time (JIT) provisioning
Job Responsibility
Job Responsibility
  • Participate in the design of secure IAM architectures across multiple platforms (AWS, Azure, Entra ID), ensuring all components align with best practices and organizational security requirements
  • Design security controls for IAM, including user authentication, authorization, role management, identity federation, and privilege management across cloud and hybrid environments
  • Lead the design and evolution of CIAM architecture that supports secure, scalable, and customer-centric identity services across web, mobile, and API-based platforms
  • Establish and maintain a Zero Trust security model for IAM, ensuring that all access requests are continuously verified, regardless of location or network
  • Integrate Zero Trust principles with cloud-native security tools and IAM platforms (e.g., AWS, Azure, Entra ID) to ensure seamless, secure, and dynamic access control
  • Automate risk-based access controls and adaptive authentication based on behavioral signals, ensuring a dynamic response to security events
  • Establish and enforce least privilege access principles for all roles across cloud and on-prem environments, ensuring users only have the minimal access necessary to perform their job functions
  • Design and implement Just-in-Time (JIT) access control mechanisms to dynamically grant access based on user needs, significantly reducing standing permission sets
  • Design SSO solutions that provide seamless and secure access to enterprise applications, ensuring a frictionless user experience while maintaining high security standards
  • Lead the adoption of modern authentication protocols (e.g., OAuth 2.0, OpenID Connect, SAML) for secure, scalable, and standardized access management across applications and systems
What we offer
What we offer
  • medical
  • dental
  • vision
  • 401k
  • PTO/paid sick leave
  • employee stock purchase plan
  • Fulltime
Read More
Arrow Right

Senior Identity & Access Management (IAM) Architect

We are currently seeking a Senior Identity & Access Management (IAM) Architect- ...
Location
Location
United States , Phoenix
Salary
Salary:
104550.00 - 193625.00 USD / Year
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years of hands-on experience deploying and administering Ping Identity Suite (PingFederate, PingAccess, PingOne, PingID)
  • IAM Protocols: Strong understanding of federated identity, SSO, OAuth, OIDC, SAML 2.0, and LDAP
  • Governance Skills: Proven experience driving access certification campaigns, segregating duties (SoD), and managing identity governance
  • Soft Skills: Strong analytical problem-solving, excellent cross-functional collaboration, and effective communication for working with IT and auditing teams
Job Responsibility
Job Responsibility
  • Design and execute routine user access reviews, identity audits, and lifecycle management workflows across all enterprise applications
  • Create and configure role-based, attribute-based, and policy-based access controls (RBAC/ABAC) using PingAccess and PingFederate
  • Administer the Ping Identity platform (PingOne, PingFederate, PingAccess, PingID)
  • Support onboarding and integrating new enterprise applications with PingOne using protocols like OAuth, OIDC, and SAML
  • Troubleshoot access-related issues, MFA failures, and authentication flows while maintaining knowledge bases and SOPs
  • Generate audit-ready compliance reports for SOX, HIPAA, or GDPR by verifying user entitlements and resolving access outliers
What we offer
What we offer
  • Medical, dental, and vision insurance with an employer contribution
  • Flexible spending or health savings account
  • Life and AD&D insurance
  • Short and long term disability coverage
  • Paid time off
  • Employee assistance
  • Participation in a 401k program with company match
  • Additional voluntary or legally-required benefits
  • Fulltime
Read More
Arrow Right

Active Directory/Azure AD-Senior Identity & Access Management (IAM) Architect

Location
Location
United States , Plano
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 8 years relevant experience in Architecture and designing, solutions & Migrating Active Directory, Entra ID ,Windows & End points
  • Strong Demonstrated experience with Active Directory migration tool or equivalent and consolidation of Global Forest and Domains
  • Hands on experience in successful consolidation of AD Forests and Domains
  • Must have strong hands-on experience working on Entra ID (Azure Active Directory)
  • Extensive Experience working as Entra IDmin for enterprise Active Directory setup and maintenance
  • Strong experience in AD Trusts, two-way Trusts and one-way Trusts and deep knowledge of Active Directory Schemas and meta data
  • Strong Knowledge on Entra ID Identity Management & Integration with on premise
  • Strong knowledge of Entra ID technologies, including authentication models, federation, Multifactor Authentication (MFA), conditional access policies and other relevant capabilities
  • Knowledge of best practices in AD/Azure Privileged access management and modern AD/Azure Secured Administration practices
  • Strong hands-on experience in coding in PowerShell scripting
Job Responsibility
Job Responsibility
  • Active Directory designing, Architecture Solutions, Integration with platforms & Applications
  • Develop an architecture of directory solutions for Windows, Unix, and related platforms
  • Experience in consolidations of multiple forest and domains and demonstrated understanding on User accounts, machine accounts, GPOs
  • Understand the requirement and create a migration plan for any services i.e. DNS, DHCP, and Certificate Services (PKI) etc.
  • Analyzing the requirement and design a solution to fulfil the requirement with zero impact to other platforms
  • Develop a power shell scripting with AD modules or VB .Net based on the requirements
  • Manage Azure active directory design, Architect Solutions, Integration with platforms & Applications and AD connector to Entra
  • Auditing the security logs and integrating with SIEM
  • Conducting POC with multiple vendors for AD solutions and prepare detailed test cases. Create a clear recommendation document with pros and cons for senior management
  • Vulnerability Assessment and Management related to Active Directory, DNS & Windows platforms
Read More
Arrow Right

Senior Identity & Access Management (IAM) Architect

Location
Location
United States , Plano
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 8 years relevant experience in Architecture and designing, solutions & Migrating Active Directory, Entra ID ,Windows & End points
  • Strong Demonstrated experience with Active Directory migration tool or equivalent and consolidation of Global Forest and Domains. Hands on experience in successful consolidation of AD Forests and Domains
  • Must have strong hands-on experience working on Entra ID (Azure Active Directory)
  • Extensive Experience working as Entra IDmin for enterprise Active Directory setup and maintenance
  • Strong experience in AD Trusts, two-way Trusts and one-way Trusts and deep knowledge of Active Directory Schemas and meta data
  • Strong Knowledge on Entra ID Identity Management & Integration with on premise
  • Strong knowledge of Entra ID technologies, including authentication models, federation, Multifactor Authentication (MFA), conditional access policies and other relevant capabilities.
  • Knowledge of best practices in AD/Azure Privileged access management and modern AD/Azure Secured Administration practices
  • Strong hands-on experience in coding in PowerShell scripting
  • Strong Knowledge on IAM disciplines like PIM and Privilege Administrative Accounts PAM solutions such as CyberArk
Job Responsibility
Job Responsibility
  • Active Directory designing, Architecture Solutions, Integration with platforms & Applications
  • Develop an architecture of directory solutions for Windows, Unix, and related platforms
  • Experience in consolidations of multiple forest and domains and demonstrated understanding on User accounts, machine accounts, GPOs
  • Understand the requirement and create a migration plan for any services i.e. DNS, DHCP, and Certificate Services (PKI) etc.
  • Analyzing the requirement and design a solution to fulfil the requirement with zero impact to other platforms
  • Develop a power shell scripting with AD modules or VB .Net based on the requirements
  • Manage Azure active directory design, Architect Solutions, Integration with platforms & Applications and AD connector to Entra
  • Auditing the security logs and integrating with SIEM
  • Conducting POC with multiple vendors for AD solutions and prepare detailed test cases. Create a clear recommendation document with pros and cons for senior management
  • Vulnerability Assessment and Management related to Active Directory, DNS & Windows platforms
  • Fulltime
Read More
Arrow Right

Technical Solutions Architect Senior Specialist

The Technical Solutions Architect Senior Specialist role at NTT DATA involves an...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of consulting/implementation/operational experience primarily in performing account and access discovery
  • 2+ years of hands-on experience in Microsoft Active Directory and Entra ID (Azure Active Directory)
  • Knowledge in RBAC and SailPoint
  • Experience in Windows and UNIX/Linux platforms
  • Experience in Active Directory & Azure Active Directory
  • Experience in Databases (MSSQL, Mainframe DB2)
  • Experience in Microsoft Tools (Excel, Macros, PowerBI)
  • Knowledge of Authentication protocols such as (Kerberos, LDAPS, NTLM, SAML, OAUTH)
  • Experience in applying security principles like Least privileges and SoD
  • PowerShell Scripting for discovering accounts and its accessing from systems like Microsoft directory services, SQL, Servers and Linux Servers
Job Responsibility
Job Responsibility
  • Discover and analyze existing user access by working with IT system administrators
  • Engage with different IT system administrators to understand the existing access and applications provisioned for end-users within their applications
  • Work with Onsite IAM Engineers and Lead to provide the analyzed data so the IAM team can use it as part of the RBAC strategy
  • Passively involve with IAM team in interviews with business owners to understand and document the access and business needs for RBAC strategy
  • Document all the discovery, strategic and tactical plans and deliverables on timely basis
  • Ability to work with AD, Azure AD, SailPoint IDN, Enterprise Reporter, ServiceNow, PowerShell and other tools to pull the reports for the discovery and analysis
  • Ability to correlate access and identify permissions that represent Least Privilege
  • Preform a tactical gap analysis to develop a remediation plan to comply with NYDFS for access reviews
  • Fulltime
Read More
Arrow Right

Senior IAM Engineer - Platform Security

Citi Secure is seeking a skilled Senior IAM Engineer to join our team, focusing ...
Location
Location
United States , Jacksonville
Salary
Salary:
113840.00 - 170760.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years' experience in IAM roles as it relates to the experience requirements below
  • 4+ years of hands-on Java/J2EE programming experience
  • 2+ years' experience scripting in Unix/Linux environments
  • Strong proficiency with Java IDEs (Eclipse), API testing tools (SOAP UI, Postman), LDAP clients, source control utilities (e.g., Git), and build/packaging tools (Ansible, Jenkins, Maven)
  • Extensive application security experience, with deep knowledge of SSO, Federation protocols (SAML, OpenID Connect, OAuth2), and Multi-factor Authentication (MFA)
  • Proven experience in architecting, designing, and implementing large-scale IAM solutions
  • Ability to customize, configure, and develop IAM solution integrations and independently manage project deliverables
  • Strong knowledge of application architecture, System Integration Testing (SIT), Functional Testing, and Regression Testing
  • Bachelor's Degree in Computer Science, IT, or a related field, or equivalent work experience
Job Responsibility
Job Responsibility
  • Design, implement, and maintain secure, scalable applications and infrastructure with a primary focus on Identity and Access Management (IAM) solutions
  • Manage franchise-critical security application infrastructure, including project delivery, integration, and operational subject matter expertise
  • Collaborate with cross-functional teams to gather requirements and ensure IAM solutions are strategically aligned with business needs
  • Develop robust scripts and/or Java/J2EE code to facilitate system monitoring, enhance process automation, and deliver project requirements
  • Create and diligently maintain comprehensive documentation for all IAM systems, processes, and problem resolutions within Knowledge Base tools
  • Provide expert technical application support for the security infrastructure, proactively troubleshooting and expediently resolving IAM-related issues to ensure minimal disruption
  • Conduct regular, thorough security audits, penetration testing, and SDLC validation to systematically identify and mitigate potential vulnerabilities before production deployment
  • Ensure strict adherence to internal controls and compliance standards defined by Citi
  • Proactively identify and implement automation opportunities for repetitive processes using tools like Ansible
  • Actively contribute to the strategic development, ongoing refinement, and roadmap planning for the firm's IAM initiatives
What we offer
What we offer
  • medical
  • dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Fulltime
Read More
Arrow Right

Technical Solutions Architect Senior Specialist

We are currently seeking a Technical Solutions Arch. Sr. Specialist to join our ...
Location
Location
India , Noida
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 7+ years of experience in Identity and Access Management (IAM), with substantial hands-on experience in Delinea PAM implementation and administration
  • Experience with other PAM solutions like CyberArk or BeyondTrust is a plus
  • Experience with cloud platforms (AWS, Azure, GCP) and DevSecOps practices is desirable
  • Deep expertise in Delinea or Centrify components, including agents, Access Manager, Audit components, Secret Server, and Privilege Manager
  • Strong understanding of Privileged Access Management (PAM) principles and Active Directory (AD) integration
  • Proficiency in scripting (PowerShell, Python, Bash) and working with REST APIs
  • Familiarity with high-availability (HA/DR) architecture and enterprise hardening standards
  • Strong problem-solving and analytical abilities
  • Excellent communication skills for collaborating with cross-functional teams and stakeholders
  • Ability to work independently and manage multiple tasks in a high-pressure environment
Job Responsibility
Job Responsibility
  • Design and Architecture: Lead the architecture, design, and deployment of enterprise-grade PAM solutions using the Delinea platform across hybrid environments
  • Implementation and Configuration: Administer, configure, and maintain Delinea components
  • Integration and Automation: Integrate the Delinea solution with Active Directory/Entra ID, LDAP, SIEM tools (e.g., Splunk), ServiceNow, and other identity management systems
  • Policy and Compliance: Define and enforce security policies, access controls, and workflows to ensure compliance with industry standards and regulatory requirements
  • Monitoring and Troubleshooting: Monitor the health, performance, and security of the Delinea infrastructure
  • Documentation and Guidance: Create and maintain architecture diagrams, technical documentation, and provide guidance and training to application teams and security stakeholders
  • Fulltime
Read More
Arrow Right

Senior IAM Automation Engineer

We’re seeking a Senior IAM Automation Engineer to transform how Apex manages wor...
Location
Location
United States , Austin
Salary
Salary:
108800.00 - 136000.00 USD / Year
apexclearing.com Logo
Apex Clearing
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7-10+ years in DevOps, SRE, or software engineering roles with significant IAM/identity automation focus
  • Demonstrated experience building automation solutions for enterprise IAM platforms using APIs, scripting, and infrastructure-as-code
  • Track record of implementing workflow automation or orchestration platforms in production environments
  • Understanding of both technical IAM implementations and business processes (joiner/mover/leaver, access requests, compliance)
  • Experience working in hybrid on-premises and cloud environments
  • Software development proficiency - 5+ years writing production code (Python, PowerShell, Go, or similar) with strong API and SDK integration experience
  • IAM architecture skills - Deep understanding of SSO protocols (SAML, OIDC), provisioning standards (SCIM), directory services (Active Directory, Entra ID), and enterprise IAM platforms (Okta strongly preferred)
  • Infrastructure-as-Code mastery - Hands-on experience with Terraform, Ansible, or similar tools, plus CI/CD pipelines for automated deployments
  • DevOps/SRE practices - Experience building observable, reliable systems with appropriate monitoring, logging, and incident response capabilities
  • Workflow automation platforms - Demonstrated ability to implement and govern low-code/code-first automation tools (Tines, Workato, n8n, or similar)
Job Responsibility
Job Responsibility
  • Lead Tines platform implementation and governance - Define technical standards, architect RBAC models, and build workflows that automate employee lifecycle management, access requests, and certification campaigns
  • Build infrastructure-as-code for identity systems - Develop and maintain Terraform, PowerShell, and Python automation across hybrid infrastructure (on-prem AD/Adaxes, Entra ID, Okta, AWS IAM, GCP/GCI) to enable repeatable, version-controlled deployments with proper change management
  • Design API-driven automation and integrations - Architect scalable solutions that orchestrate identity workflows across HRIS (Workday), ticketing (ServiceNow), collaboration platforms (Slack, Teams, M365), and enterprise applications, leveraging APIs and SDKs to eliminate manual processes
  • Implement observability and self-healing capabilities - Build monitoring, alerting, and automated remediation for identity systems to reduce operational toil, improve reliability, and enable proactive issue detection across authentication flows and provisioning processes
  • Enable rapid application onboarding - Create automation frameworks and integration patterns that allow the business to onboard new SaaS applications with minimal manual intervention while maintaining security and compliance standards
  • Pioneer non-human identity (NHI) governance - Partner with SecOps to develop policies, controls, and automation for managing AI agents, LLM API keys, service accounts, bot identities, and machine-to-machine authentication as AI adoption accelerates across the organization
  • Mentor and develop junior team members - Share your hard-won experience and technical expertise to elevate the team’s capabilities. Conduct code reviews, pair programming sessions, and knowledge transfer that builds automation skills, IAM expertise, and engineering judgment across the team
  • Drive technical innovation in the identity space - Evaluate emerging tools and practices, establish CI/CD pipelines for IAM deployments, and leverage AI-powered development tools (LLMs, code generation, AI assistants) responsibly to accelerate automation delivery and stay ahead of business needs
What we offer
What we offer
  • Healthcare benefits (medical, dental and vision, EAP)
  • competitive PTO
  • 401k match
  • parental leave
  • HSA contribution match
  • paid subscription to the Calm app
  • generous external learning and tuition reimbursement benefits
  • Fulltime
Read More
Arrow Right