This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
The Senior IAM Architect will define and deliver enterprise identity strategy and architecture, lead SailPoint IGA and CyberArk PAM design and integrations, architect Entra ID identity and conditional access models, and own PKI and certificate lifecycle strategy. This role partners with Security, Cloud, DevOps, and Application teams to ensure identity‑centric, auditable, and automated controls across the organization.
Job Responsibility
Define IAM target state, roadmaps, and standards covering IGA, PAM, Access Management, and PKI
produce architecture artifacts and governance models
Design role models, entitlement mappings, connector strategy, reconciliation, and certification campaigns
guide complex integrations with HR and business applications
Architect vault topology, privileged session controls, credential rotation, and onboarding patterns for service and privileged accounts
Design Entra ID/Azure AD identity flows, conditional access, B2B/B2C scenarios, and hybrid sync patterns
align cloud IAM across Azure, AWS, and GCP
Define PKI trust model, certificate issuance/renewal automation, and integration with DevOps pipelines and service identities
Drive SCIM/SAML/OIDC connector automation, Terraform/IaC for identity infrastructure, and scripting to reduce manual provisioning
Ensure audit readiness, lead access review programs, and translate regulatory requirements into technical controls
Lead technical teams, review designs, and mentor L1–L3 engineers to raise operational maturity
Requirements
Proven hands‑on experience with SailPoint and CyberArk implementations
Deep expertise in Entra ID / Azure AD, identity federation, conditional access, and hybrid identity patterns
Strong knowledge of PKI design and certificate lifecycle automation
Proficiency with identity protocols SCIM, SAML, OAuth/OIDC, and automation tools PowerShell, Python, Terraform
Experience with ITSM (ServiceNow), CI/CD integration, and audit evidence delivery.
Nice to have
Certifications: SailPoint, CyberArk, Microsoft Identity/Entra, CISSP
Experience integrating HR systems (Workday) and securing cloud native workloads (Kubernetes RBAC, secrets management)