CrawlJobs Logo

Senior Identity & Access Management (IAM) Architect

United States, Plano · Job Posted April 23, 2026
Apply Position
Job Link Share

Job Responsibility

  • Active Directory designing, Architecture Solutions, Integration with platforms & Applications
  • Develop an architecture of directory solutions for Windows, Unix, and related platforms
  • Experience in consolidations of multiple forest and domains and demonstrated understanding on User accounts, machine accounts, GPOs
  • Understand the requirement and create a migration plan for any services i.e. DNS, DHCP, and Certificate Services (PKI) etc.
  • Analyzing the requirement and design a solution to fulfil the requirement with zero impact to other platforms
  • Develop a power shell scripting with AD modules or VB .Net based on the requirements
  • Manage Azure active directory design, Architect Solutions, Integration with platforms & Applications and AD connector to Entra
  • Auditing the security logs and integrating with SIEM
  • Conducting POC with multiple vendors for AD solutions and prepare detailed test cases. Create a clear recommendation document with pros and cons for senior management
  • Vulnerability Assessment and Management related to Active Directory, DNS & Windows platforms
  • Active Directory consolidations including application integration working with application teams
  • Recommend security best practices to achieve stated business objectives, advises on risk assumptions for any variances granted, and provides alternatives to achieve desired end results

Requirements

  • Minimum 8 years relevant experience in Architecture and designing, solutions & Migrating Active Directory, Entra ID ,Windows & End points
  • Strong Demonstrated experience with Active Directory migration tool or equivalent and consolidation of Global Forest and Domains. Hands on experience in successful consolidation of AD Forests and Domains
  • Must have strong hands-on experience working on Entra ID (Azure Active Directory)
  • Extensive Experience working as Entra IDmin for enterprise Active Directory setup and maintenance
  • Strong experience in AD Trusts, two-way Trusts and one-way Trusts and deep knowledge of Active Directory Schemas and meta data
  • Strong Knowledge on Entra ID Identity Management & Integration with on premise
  • Strong knowledge of Entra ID technologies, including authentication models, federation, Multifactor Authentication (MFA), conditional access policies and other relevant capabilities.
  • Knowledge of best practices in AD/Azure Privileged access management and modern AD/Azure Secured Administration practices
  • Strong hands-on experience in coding in PowerShell scripting
  • Strong Knowledge on IAM disciplines like PIM and Privilege Administrative Accounts PAM solutions such as CyberArk
  • Good knowledge on ADFS and Entra ID sync connectors
  • Strong familiarity with DNS Active Directory integrated, partitions and Infoblox & DHCP systems and Migration of services from Active Directory any platform
  • Demonstrated knowledge and experience in AD assessment in terms of OU delegation, GPOs, permission etc.,
  • Expertise in Active Directory versions 2003, 2008R2, 2012R2 & 2016, 2019 and Azure Active Directory
  • Good knowledge and hands on experience in setting up lab based on the solution requirements
  • Demonstrated working knowledge and hands on experience in AD disaster recovery, Replication issues and resolution using tools such as repadmin
  • Demonstrated experience in writing and applying GPOs, especially related to domain consolidations
  • Good Knowledge on Active Directory & windows audit logs and levels and SIEM integration
  • Good knowledge on Networking, firewalls, including host firewalls, DNS, DHCP, DFS & Network load balancers and Secure Global Directory or Secure LDAP
  • Good knowledge on Cryptography, certificates, PKI, symmetric, asymmetric keys, Encryption & hash algorithms
  • Good knowledge on AD authentication protocols Kerberos, NTLM, LDAP, LDAPS & LDAP-Start TLS
  • Good knowledge on Network log capturing & analyzing the network packet captures through the tools Wireshark, Tshark, Microsoft NM etc.,
  • Good knowledge on application integration with LDAP & Kerberos i.e. Keytab, krb5 etc.,
  • Good knowledge on AD migration tools like ADMT, Quest etc., knowledge on AD trusts, forest, domain tree structures, sites, DNS, GPOs, OU, FRS, DFSR.
  • Good knowledge on any Identity & Access Management tools like FIM, MIM, OIM, Quest etc.,
  • Exposure to SAML, OAuth, OpenID and other security/IAM related standards
  • Strong hands-on familiarity with host-based security solutions, Forensic & Investigation agents, and Compliance scanning and reporting, Hardening Active Directory
  • Knowledge of single sign-on, federation, active directory/LDAP, Kerberos/NTLM authentication & integrated Windows authentication
  • Good knowledge on Identity management and Role based access control, attribute-based access control & entitlement management
  • Good knowledge on power shell scripting with AD modules or VB .Net and ability to write scripts based on the requirement
  • Excellent communication skills, especially verbal and written
  • Good documentation skills to write a design & configuration documents version controls
  • Excellent Interpersonal skill and ability to work as part of a team
  • Home office for remote work
  • Ability to work some weekends and late nights performing approved changes
  • ITIL V3 or later experience, experience in writing change request and attending Change Advisory Boards (CAB) meeting
  • Experience with Security Controls and compliance

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior Identity & Access Management (IAM) Architect

8 matching positions

New

Senior Identity & Access Management (IAM) Architect

We are currently seeking a Senior Identity & Access Management (IAM) Architect- ...
Location
Location
United States , Phoenix
Salary
Salary:
104550.00 - 193625.00 USD / Year
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years of hands-on experience deploying and administering Ping Identity Suite (PingFederate, PingAccess, PingOne, PingID)
  • IAM Protocols: Strong understanding of federated identity, SSO, OAuth, OIDC, SAML 2.0, and LDAP
  • Governance Skills: Proven experience driving access certification campaigns, segregating duties (SoD), and managing identity governance
  • Soft Skills: Strong analytical problem-solving, excellent cross-functional collaboration, and effective communication for working with IT and auditing teams
Job Responsibility
Job Responsibility
  • Design and execute routine user access reviews, identity audits, and lifecycle management workflows across all enterprise applications
  • Create and configure role-based, attribute-based, and policy-based access controls (RBAC/ABAC) using PingAccess and PingFederate
  • Administer the Ping Identity platform (PingOne, PingFederate, PingAccess, PingID)
  • Support onboarding and integrating new enterprise applications with PingOne using protocols like OAuth, OIDC, and SAML
  • Troubleshoot access-related issues, MFA failures, and authentication flows while maintaining knowledge bases and SOPs
  • Generate audit-ready compliance reports for SOX, HIPAA, or GDPR by verifying user entitlements and resolving access outliers
What we offer
What we offer
  • Medical, dental, and vision insurance with an employer contribution
  • Flexible spending or health savings account
  • Life and AD&D insurance
  • Short and long term disability coverage
  • Paid time off
  • Employee assistance
  • Participation in a 401k program with company match
  • Additional voluntary or legally-required benefits
  • Fulltime
Read More
Arrow Right

Active Directory/Azure AD-Senior Identity & Access Management (IAM) Architect

Location
Location
United States , Plano
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 8 years relevant experience in Architecture and designing, solutions & Migrating Active Directory, Entra ID ,Windows & End points
  • Strong Demonstrated experience with Active Directory migration tool or equivalent and consolidation of Global Forest and Domains
  • Hands on experience in successful consolidation of AD Forests and Domains
  • Must have strong hands-on experience working on Entra ID (Azure Active Directory)
  • Extensive Experience working as Entra IDmin for enterprise Active Directory setup and maintenance
  • Strong experience in AD Trusts, two-way Trusts and one-way Trusts and deep knowledge of Active Directory Schemas and meta data
  • Strong Knowledge on Entra ID Identity Management & Integration with on premise
  • Strong knowledge of Entra ID technologies, including authentication models, federation, Multifactor Authentication (MFA), conditional access policies and other relevant capabilities
  • Knowledge of best practices in AD/Azure Privileged access management and modern AD/Azure Secured Administration practices
  • Strong hands-on experience in coding in PowerShell scripting
Job Responsibility
Job Responsibility
  • Active Directory designing, Architecture Solutions, Integration with platforms & Applications
  • Develop an architecture of directory solutions for Windows, Unix, and related platforms
  • Experience in consolidations of multiple forest and domains and demonstrated understanding on User accounts, machine accounts, GPOs
  • Understand the requirement and create a migration plan for any services i.e. DNS, DHCP, and Certificate Services (PKI) etc.
  • Analyzing the requirement and design a solution to fulfil the requirement with zero impact to other platforms
  • Develop a power shell scripting with AD modules or VB .Net based on the requirements
  • Manage Azure active directory design, Architect Solutions, Integration with platforms & Applications and AD connector to Entra
  • Auditing the security logs and integrating with SIEM
  • Conducting POC with multiple vendors for AD solutions and prepare detailed test cases. Create a clear recommendation document with pros and cons for senior management
  • Vulnerability Assessment and Management related to Active Directory, DNS & Windows platforms
Read More
Arrow Right

Active Directory/Azure AD Senior Identity & Access Management Architect

The NTT DATA Services Security organization is looking for talented security-ori...
Location
Location
United States , Plano
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 8 years relevant experience in Architecture and designing, solutions & Migrating Active Directory, Entra ID ,Windows & End points
  • Strong Demonstrated experience with Active Directory migration tool or equivalent and consolidation of Global Forest and Domains. Hands on experience in successful consolidation of AD Forests and Domains
  • Must have strong hands-on experience working on Entra ID (Azure Active Directory)
  • Extensive Experience working as Entra IDmin for enterprise Active Directory setup and maintenance
  • Strong experience in AD Trusts, two-way Trusts and one-way Trusts and deep knowledge of Active Directory Schemas and meta data
  • Strong Knowledge on Entra ID Identity Management & Integration with on premise
  • Strong knowledge of Entra ID technologies, including authentication models, federation, Multifactor Authentication (MFA), conditional access policies and other relevant capabilities.
  • Knowledge of best practices in AD/Azure Privileged access management and modern AD/Azure Secured Administration practices
  • Strong hands-on experience in coding in PowerShell scripting
  • Strong Knowledge on IAM disciplines like PIM and Privilege Administrative Accounts PAM solutions such as CyberArk
Job Responsibility
Job Responsibility
  • Active Directory designing, Architecture Solutions, Integration with platforms & Applications
  • Develop an architecture of directory solutions for Windows, Unix, and related platforms
  • Experience in consolidations of multiple forest and domains and demonstrated understanding on User accounts, machine accounts, GPOs
  • Understand the requirement and create a migration plan for any services i.e. DNS, DHCP, and Certificate Services (PKI) etc.
  • Analyzing the requirement and design a solution to fulfil the requirement with zero impact to other platforms
  • Develop a power shell scripting with AD modules or VB .Net based on the requirements
  • Manage Azure active directory design, Architect Solutions, Integration with platforms & Applications and AD connector to Entra
  • Auditing the security logs and integrating with SIEM
  • Conducting POC with multiple vendors for AD solutions and prepare detailed test cases. Create a clear recommendation document with pros and cons for senior management
  • Vulnerability Assessment and Management related to Active Directory, DNS & Windows platforms
  • Fulltime
Read More
Arrow Right

Senior IT Engineer — Identity & Access Management

This contract-to-permanent opportunity is ideal for a senior-level candidate who...
Location
Location
United States , Ada
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated experience in identity and access management engineering, with strong depth in enterprise IAM architecture and operations
  • Hands-on expertise with Okta, including tenant configuration, lifecycle management, authentication policies, and single sign-on enablement
  • Strong knowledge of SSO and federation technologies, including SAML, OAuth, and modern authentication concepts across SaaS applications
  • Experience integrating identity platforms with systems such as Microsoft Entra ID, Active Directory, Google Workspace, or other directory services
  • Ability to design secure provisioning, deprovisioning, and access governance processes in regulated or compliance-driven environments
  • Proven troubleshooting skills for authentication, authorization, and federation issues across cloud and hybrid application ecosystems
  • Comfortable in a client-facing role with the ability to communicate technical recommendations clearly to varied stakeholders
Job Responsibility
Job Responsibility
  • Architect and implement enterprise identity and access solutions centered on Okta for clients operating in regulated and multi-platform environments
  • Configure and strengthen Okta capabilities such as directory services, adaptive authentication, lifecycle automation, workflow orchestration, and governance controls
  • Integrate identity platforms with Entra ID, Active Directory, JumpCloud, Google Workspace, and other cloud or hybrid systems to create consistent access experiences
  • Lead the design and support of SSO and federation solutions using SAML and OAuth standards, including claims design, attribute mapping, token settings, and authentication flow decisions
  • Troubleshoot authentication and federation issues by analyzing logs, protocol behavior, and application integration details to resolve complex access problems
  • Develop repeatable integration patterns for widely used business applications such as Microsoft 365, Salesforce, Slack, Zoom, Atlassian, GitHub, NetSuite, and similar platforms
  • Build and maintain automated joiner, mover, and leaver processes tied to authoritative source systems to improve provisioning accuracy and deprovisioning speed
  • Establish role-based access models, least-privilege controls, and access review practices that align with audit and compliance expectations
  • Partner directly with clients to assess identity maturity, recommend improvements, and deliver IAM solutions that support business and security objectives
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
  • Fulltime
Read More
Arrow Right

Senior Customer Identity and Access Management Engineer

Are you passionate about securing digital identities and creating seamless user ...
Location
Location
Ireland , Dublin 2
Salary
Salary:
Not provided
bentley.com Logo
Bentley Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A minimum of 5 years of hands-on experience with the Ping Identity suite
  • Thorough understanding of Identity and Access Management (IAM) for both enterprise and customer-facing applications
  • Strong coding and scripting abilities (Java & TypeScript are preferred)
  • In-depth knowledge of OAuth, OIDC, and SAML
  • Knowledge of System for Cross-domain Identity Management (SCIM)
  • Experience with API configuration and deployment
  • Strong experience with Linux environments (navigating, tuning, etc.)
  • Excellent problem-solving and communication skills
Job Responsibility
Job Responsibility
  • Lead the management and administration of the full Ping Identity suite, including Ping Federate, Ping Access, Ping Directory, Ping Data Proxy, Ping Data Sync, and Ping Authorize
  • Architect and manage common Ping Components, such as IdP & SP adapters, selectors, authentication policies, and more
  • Deploy, configure, and troubleshoot modern authentication protocols, including OAuth, OIDC, and SAML, ensuring compliance with industry standards
  • Strengthen security by configuring and deploying Multi-Factor Authentication (MFA) solutions
  • Oversee the entire lifecycle of digital certificates
  • Develop and maintain clean, efficient, and well-documented code and scripts, with a preference for Java & TypeScript
  • Configure and deploy APIs to extend and integrate our CIAM solutions
  • Thrive in a DevOps model, contributing to our CI/CD pipelines and automation efforts
  • Operate within our cloud-based infrastructure, with a preference for AWS
  • Manage and maintain containerized environments
What we offer
What we offer
  • A great Team and culture
  • An exciting career as an integral part of a world-leading software company
  • An attractive salary and benefits package
  • A commitment to inclusion, belonging, and colleague well-being through global initiatives and resource groups
  • A company committed to making a real difference by advancing the world’s infrastructure for a better quality of life
Read More
Arrow Right

Senior Information Security Architect - Cloud IAM

We are seeking a highly skilled Senior IAM Security Architect to join our inform...
Location
Location
United States
Salary
Salary:
148600.00 - 198200.00 USD / Year
firstam.com Logo
First American Financial
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in IAM security, including at least 5 years of experience in IAM risk assessment, threat modeling, and security control design
  • Preferred Certified Information Systems Security Professional (CISSP) or Certified Identity and Access Manager (CIAM) or other relevant IAM/security certification
  • Proven expertise in implementing and securing IAM solutions in cloud environments such as AWS, Azure, and Entra ID
  • In-depth knowledge of IAM security best practices, identity governance, and access management policies
  • Hands-on experience in conducting security risk assessments and threat modeling for IAM systems
  • Demonstrated experience in establishing least privilege access and implementing Just-in-Time (JIT) access controls across cloud and on-premises environments
  • Expertise in implementing and managing a Zero Trust security posture for IAM, with hands-on experience in identity validation, continuous authentication, and risk-based access controls
  • Strong expertise with IAM platforms such as Microsoft Entra ID (Azure AD), AWS IAM, Azure Active Directory
  • Experience with cloud security, integrating IAM systems with AWS, Azure, and hybrid environments
  • Strong understanding of IAM security controls, including role-based access control (RBAC), attribute-based access control (ABAC), policy enforcement, and Just-in-Time (JIT) provisioning
Job Responsibility
Job Responsibility
  • Participate in the design of secure IAM architectures across multiple platforms (AWS, Azure, Entra ID), ensuring all components align with best practices and organizational security requirements
  • Design security controls for IAM, including user authentication, authorization, role management, identity federation, and privilege management across cloud and hybrid environments
  • Lead the design and evolution of CIAM architecture that supports secure, scalable, and customer-centric identity services across web, mobile, and API-based platforms
  • Establish and maintain a Zero Trust security model for IAM, ensuring that all access requests are continuously verified, regardless of location or network
  • Integrate Zero Trust principles with cloud-native security tools and IAM platforms (e.g., AWS, Azure, Entra ID) to ensure seamless, secure, and dynamic access control
  • Automate risk-based access controls and adaptive authentication based on behavioral signals, ensuring a dynamic response to security events
  • Establish and enforce least privilege access principles for all roles across cloud and on-prem environments, ensuring users only have the minimal access necessary to perform their job functions
  • Design and implement Just-in-Time (JIT) access control mechanisms to dynamically grant access based on user needs, significantly reducing standing permission sets
  • Design SSO solutions that provide seamless and secure access to enterprise applications, ensuring a frictionless user experience while maintaining high security standards
  • Lead the adoption of modern authentication protocols (e.g., OAuth 2.0, OpenID Connect, SAML) for secure, scalable, and standardized access management across applications and systems
What we offer
What we offer
  • medical
  • dental
  • vision
  • 401k
  • PTO/paid sick leave
  • employee stock purchase plan
  • Fulltime
Read More
Arrow Right

Security Senior Consultant - Microsoft Identity & Device Management

Valorem Reply, part of the Reply Network, is a leader in security-focused digita...
Location
Location
United States , Chicago
Salary
Salary:
135000.00 - 165000.00 USD / Year
valoremreply.com Logo
Valorem Reply
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7 years of experience delivering Identity and Access Management solutions
  • Strong hands-on expertise with Microsoft Entra and Intune, including integration with Microsoft Security tools, applications, and endpoint platforms
  • Experience designing and implementing IAM solutions across hybrid, cloud, and multi-tenant environments
  • Solid understanding of authentication, authorization, federation, identity governance, and access control concepts
  • Ability to work independently while collaborating across security, cloud, endpoint, and infrastructure teams
  • Strong communication skills with the ability to translate technical concepts into business-aligned outcomes
Job Responsibility
Job Responsibility
  • Design and implement Microsoft-based identity and device management solutions across enterprise environments, integrating Microsoft Entra with users, devices, applications, infrastructure, and Microsoft Security tools
  • Lead delivery of IAM capabilities including SSO, MFA, Conditional Access, identity lifecycle management, and Privileged Access Management (PAM/PIM)
  • Architect identity solutions across hybrid, multi-tenant, on-premises, cloud, and multi-cloud environments
  • Implement and integrate Microsoft Intune for device management, compliance, and identity-driven access control
  • Act as a subject matter expert on federation and authentication protocols including SAML, OAuth, and OpenID Connect (OIDC)
  • Engage directly with customers as a trusted advisor, leading technical delivery, workshops, and solution discussions
  • Fulltime
Read More
Arrow Right
New

Technical Solutions Architect Senior Specialist

We are currently seeking a Technical Solutions Arch. Sr. Specialist to join our ...
Location
Location
India , Noida
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 7+ years of experience in Identity and Access Management (IAM), with substantial hands-on experience in Delinea PAM implementation and administration
  • Experience with other PAM solutions like CyberArk or BeyondTrust is a plus
  • Experience with cloud platforms (AWS, Azure, GCP) and DevSecOps practices is desirable
  • Deep expertise in Delinea or Centrify components, including agents, Access Manager, Audit components, Secret Server, and Privilege Manager
  • Strong understanding of Privileged Access Management (PAM) principles and Active Directory (AD) integration
  • Proficiency in scripting (PowerShell, Python, Bash) and working with REST APIs
  • Familiarity with high-availability (HA/DR) architecture and enterprise hardening standards
  • Strong problem-solving and analytical abilities
  • Excellent communication skills for collaborating with cross-functional teams and stakeholders
  • Ability to work independently and manage multiple tasks in a high-pressure environment
Job Responsibility
Job Responsibility
  • Design and Architecture: Lead the architecture, design, and deployment of enterprise-grade PAM solutions using the Delinea platform across hybrid environments
  • Implementation and Configuration: Administer, configure, and maintain Delinea components
  • Integration and Automation: Integrate the Delinea solution with Active Directory/Entra ID, LDAP, SIEM tools (e.g., Splunk), ServiceNow, and other identity management systems
  • Policy and Compliance: Define and enforce security policies, access controls, and workflows to ensure compliance with industry standards and regulatory requirements
  • Monitoring and Troubleshooting: Monitor the health, performance, and security of the Delinea infrastructure
  • Documentation and Guidance: Create and maintain architecture diagrams, technical documentation, and provide guidance and training to application teams and security stakeholders
  • Fulltime
Read More
Arrow Right