Senior Information Security Architect - Cloud IAM

First American Financial

Location:
United States

Contract Type:
Employment contract

Salary:

148600.00 - 198200.00 USD / Year

Job Description:

We are seeking a highly skilled Senior IAM Security Architect to join our information security architecture team. This role requires deep expertise in the design, implementation, and management of IAM security controls, with a focus on identity protection across cloud environments. The ideal candidate will have a strong background in AWS, Azure, and Entra ID (formerly Azure AD), and at least 5 years of experience in IAM-related security risk assessment and threat modeling. The Senior IAM Security Architect will be responsible for ensuring secure and efficient designs for the governance of user and non-human identities, access controls, and security policies within the organization. This role will also focus on establishing a Zero Trust identity posture, implementing behavioral risk assessments, and driving automation for identity security. Expertise in Single Sign-On (SSO), Multi-Factor Authentication (MFA), and modern authentication protocols is essential.

Job Responsibility:

  • Participate in the design of secure IAM architectures across multiple platforms (AWS, Azure, Entra ID), ensuring all components align with best practices and organizational security requirements
  • Design security controls for IAM, including user authentication, authorization, role management, identity federation, and privilege management across cloud and hybrid environments
  • Lead the design and evolution of CIAM architecture that supports secure, scalable, and customer-centric identity services across web, mobile, and API-based platforms
  • Establish and maintain a Zero Trust security model for IAM, ensuring that all access requests are continuously verified, regardless of location or network
  • Integrate Zero Trust principles with cloud-native security tools and IAM platforms (e.g., AWS, Azure, Entra ID) to ensure seamless, secure, and dynamic access control
  • Automate risk-based access controls and adaptive authentication based on behavioral signals, ensuring a dynamic response to security events
  • Establish and enforce least privilege access principles for all roles across cloud and on-prem environments, ensuring users only have the minimal access necessary to perform their job functions
  • Design and implement Just-in-Time (JIT) access control mechanisms to dynamically grant access based on user needs, significantly reducing standing permission sets
  • Design SSO solutions that provide seamless and secure access to enterprise applications, ensuring a frictionless user experience while maintaining high security standards
  • Lead the adoption of modern authentication protocols (e.g., OAuth 2.0, OpenID Connect, SAML) for secure, scalable, and standardized access management across applications and systems
  • Design MFA solutions to enhance authentication security, applying risk-based policies to ensure strong protection for sensitive data and critical resources
  • Develop and integrate IAM security controls with cloud platforms such as AWS, Azure, and Entra ID, ensuring secure access management across both public and hybrid cloud environments
  • Leverage native security features of cloud platforms (e.g., AWS IAM, Azure AD, Entra ID) to design scalable, secure, and automated IAM solutions
  • Lead the migration process from Hybrid Active Directory to Entra ID-based authentication to ensure minimal disruption and proper synchronization and federation across systems
  • Develop and maintain security governance frameworks for IAM, focusing on identity lifecycle management, role-based access control (RBAC), user provisioning, deprovisioning, and enforcement of least privilege
  • Ensure proper identity governance and access reviews are conducted regularly, documenting changes and exceptions as part of compliance audits
  • Collaborate with cross-functional teams, including application security, network security, infrastructure, and DevOps, to integrate IAM security best practices across systems and services
  • Stay up to date on the latest IAM trends, security threats, and technology advancements to continuously improve IAM practices and solutions
  • Implement security automation tools and workflows to improve efficiency and reduce manual efforts in identity management and access control

Requirements:

  • 7+ years of experience in IAM security, including at least 5 years of experience in IAM risk assessment, threat modeling, and security control design
  • Preferred: Certified Information Systems Security Professional (CISSP), Certified Identity and Access Manager (CIAM), or other relevant IAM/security certification
  • Proven expertise in implementing and securing IAM solutions in cloud environments such as AWS, Azure, and Entra ID
  • In-depth knowledge of IAM security best practices, identity governance, and access management policies
  • Hands-on experience in conducting security risk assessments and threat modeling for IAM systems
  • Demonstrated experience in establishing least privilege access and implementing Just-in-Time (JIT) access controls across cloud and on-premises environments
  • Expertise in implementing and managing a Zero Trust security posture for IAM, with hands-on experience in identity validation, continuous authentication, and risk-based access controls
  • Strong expertise with IAM platforms such as Microsoft Entra ID (Azure AD), AWS IAM, Azure Active Directory
  • Experience with cloud security, integrating IAM systems with AWS, Azure, and hybrid environments
  • Strong understanding of IAM security controls, including role-based access control (RBAC), attribute-based access control (ABAC), policy enforcement, and Just-in-Time (JIT) provisioning
  • Experience in implementing and managing SSO and MFA, with expertise in modern authentication protocols such as OAuth 2.0, OpenID Connect, and SAML
  • Experience in architecting and operating CIAM solutions at enterprise scale (customer-facing portals, mobile apps, APIs)

Nice to have:

Knowledge of GCP

What we offer:
  • medical
  • dental
  • vision
  • 401k
  • PTO/paid sick leave
  • employee stock purchase plan

Additional Information:

Job Posted:
May 16, 2026

Employment Type:
Fulltime
Work Type:
Remote work

Similar Jobs for Senior Information Security Architect - Cloud IAM

Senior Information Security Engineer

Serve as a technical leader in our Security team reporting to our Information Se...
Location:
United States, Boston
Salary:
150000.00 - 190000.00 USD / Year
Whoop
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.)
  • 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity
  • Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG)
  • Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools
  • Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems
  • Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices
  • Demonstrated leadership in security incident response, investigations, and root cause analysis
  • Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences
  • Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment
  • Experience mentoring engineers and setting operational standards
Job Responsibility:
  • Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness
  • Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role
  • Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements
  • Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling
  • Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance
  • Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance
  • Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows
  • Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization
  • Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies
  • Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes
What we offer:
  • competitive base salaries
  • meaningful equity
  • generous equity package
  • Fulltime

Senior Cybersecurity Architect

As a Senior Cybersecurity Architect, you will play a strategic role in designing...
Location:
Luxembourg, Leudelange
Salary:
Not provided
Sopra Steria
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s or Master’s degree in Computer Science, Information Systems, or a related field
  • 10+ years of experience in Cybersecurity Architecture, with a strong focus on business continuity and large-scale enterprise environments
  • proven experience with cloud-native security on Azure and AWS
  • practical knowledge of Agile and SAFe methodologies and their application to architecture design
  • familiarity with architecture frameworks such as TOGAF and SABSA
  • strong problem-solving, analytical, and communication skills, with the ability to deliver practical, innovative, and secure solutions
  • experience in public sector or similarly complex, regulated environments is highly desirable.
Job Responsibility:
  • Designing security blueprints
  • conducting security architecture reviews
  • designing and implementing security for AI, BI, and data analytics platforms
  • ensuring secure integration of IAM solutions
  • developing automation scripts and tools in Python to support security operations
  • fostering security collaboration and culture
  • providing technical leadership, mentorship, and coaching.
What we offer:
  • Access to Sopra Steria training and personal development academy
  • a leased company car or mobility budget
  • a company laptop and mobile phone
  • private health insurance
  • meal vouchers
  • social security and pension scheme
  • competitive salary
  • 26 days holiday.
  • Fulltime

IAM Senior Engineer - Active Directory/Entra ID

HPE Global IT is seeking a highly skilled Senior Active Directory (AD), Entra ID...
Location:
India, Bangalore
Salary:
Not provided
Hewlett Packard Enterprise
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)
  • 10+ years of IT or cybersecurity experience
  • 7+ years focused on AD, Entra ID, and Azure identity engineering in enterprise-scale environments
  • Deep hands-on experience managing multi-forest AD environments (schema, replication, delegation, GPOs, DNS, DHCP)
  • Strong expertise with Entra ID and hybrid identity integration (Entra Connect / Cloud Sync, federation, SSO)
  • Hands-on experience with Azure governance, RBAC, PIM, and access policy enforcement
  • Experience implementing conditional access, passwordless, and phishing-resistant MFA in Entra and Azure
  • Proficiency in PowerShell scripting, Graph API, and Azure automation for identity management and reporting
  • Solid understanding of authentication protocols (Kerberos, NTLM, LDAP, SAML, OIDC, OAuth2)
  • Familiarity with Zero Trust, tiered admin models, and directory hardening practices
Job Responsibility:
  • Engineer, deploy, and optimize Active Directory, Entra ID, and Azure identity services across enterprise-scale hybrid environments
  • Design and manage multi-forest AD architectures, including schema extensions, replication, delegation, and hardening
  • Implement and maintain cross-domain and cross-tenant synchronization between AD and Entra ID using Entra Connect or Cloud Sync
  • Engineer secure authentication and federation flows leveraging Kerberos, NTLM, SAML, OIDC, and OAuth2
  • Implement and enhance conditional access, MFA, passwordless, and FIDO2 authentication methods in Entra and Azure environments
  • Support Zero Trust Directory Security through tiered administration, least privilege, and delegated access controls
  • Partner with cloud and infrastructure teams to ensure secure integration of Azure resources with enterprise identity services
  • Maintain and secure domain controllers, DNS, DHCP, and Group Policy Objects (GPOs) across global environments
  • Manage Azure AD tenants, subscriptions, and resource access controls (RBAC, PIM, Entra roles)
  • Integrate on-prem AD with Azure workloads, Microsoft 365, Intune, and other SaaS applications
What we offer:
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime

Security Architect – GCP & Agentic AI

The Security Architect role focuses on designing secure architectures for Google...
Location:
United Kingdom, London
Salary:
Not provided
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • 5+ years' experience in information security, cloud security and architecture roles
  • Strong knowledge of security governance, risk and compliance frameworks (ISO 27001, NIST CSF/800‑53, NIS2, DORA)
  • Strong communication skills and ability to work with senior stakeholders
  • Experience mentoring teams or influencing security decisions
  • Google Cloud Platform (GCP) Cloud‑native architecture design (GCP‑focused)
  • Deep hands‑on experience with GCP security services and GCP security best practices
  • Experience architecting secure multi‑project setups and identity boundaries
  • Agentic AI security: experience designing security for agent‑based AI systems and LLM‑integrated applications
  • Hands‑on experience with AI/LLM security controls (prompt security, model governance, secure APIs, orchestration security)
  • AI‑specific threat modelling expertise
Job Responsibility:
  • Translate business, data protection and security requirements into practical architectural designs leveraging industry frameworks (NIST, ISO 27001, CIS)
  • Design and maintain cloud‑native security architectures, with deep expertise in GCP architecture, security services, and secure workload design
  • Establish secure architectural patterns and standards across cloud platforms, with specific focus on GCP IAM, VPC Service Controls, Cloud Armor, Confidential Computing, and secure workload segmentation
  • Develop security design documentation, diagrams, and rationale aligned with business and compliance requirements
  • Apply risk‑based and threat‑based approaches to recommend secure and proportionate solutions
  • Designing security architectures for agent‑based AI systems, including orchestration frameworks, tool‑use agents, and multi‑agent workflows
  • Implementing AI/LLM security controls across: Model security (input/output filtering, model guardrails), Prompt security, adversarial prompt defense, prompt isolation, API & orchestration security, including secure agent tool use, Data security for vector stores, embeddings, and retrieval services
  • Performing AI‑specific threat modelling, including: Model extraction & poisoning, Hallucination‑driven risk, Sensitive data leakage, Toxic output & jailbreak attempts
  • Advising on secure integration of AI with cloud environments, focusing on compliant, privacy‑aware design
  • Conduct comprehensive risk assessments and threat modelling for cloud and AI systems
What we offer:
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options

Cloud Security Assurance Architect

The Cloud Security Assurance Architect will lead security assessments and archit...
Location:
United Kingdom, London
Salary:
Not provided
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Computer Science, Information Security, or Cybersecurity
  • 6+ years in information security with cloud security focus
  • 3+ years conducting cloud security assessments and architecture reviews
  • Proven multi-cloud experience (AWS, Azure, GCP) in production environments
  • Technical Skills: AWS: Security Hub, GuardDuty, IAM Access Analyzer, KMS, CloudTrail
  • Azure: Defender for Cloud, Sentinel, Azure Policy, Key Vault
  • GCP: Security Command Center, Cloud Armor, IAM, Cloud KMS
  • Tools: Prisma Cloud, Wiz, Pacu, ScoutSuite, Prowler, Terraform
  • Cloud penetration testing and threat modeling
  • Mandatory Certifications: CISSP or CCSP
Job Responsibility:
  • Lead cloud security assessments and architecture reviews across AWS, Azure, and GCP
  • Validate security implementations, provide expert guidance on cloud security posture, and support enterprise cloud transformation initiatives
  • Lead security architecture reviews for cloud-native and hybrid solutions
  • Execute cloud security assessments across AWS, Azure, and GCP environments
  • Validate designs against NIST CSF, CIS Benchmarks, and CSA CCM
  • Conduct cloud penetration testing following CREST/CHECK methodologies
  • Assess container/Kubernetes security, serverless and microservices implementations
  • Validate IaC security controls and CI/CD pipeline security
  • Lead compliance assessments: ISO 27017/27018, SOC 2, GDPR, NIS2, DORA
  • Assess cloud governance frameworks and CSPM implementations
What we offer:
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options

Security Architect

The Security Architect role focuses on designing secure architectures for cloud ...
Location:
United Kingdom, Birmingham
Salary:
Not provided
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • Security-first mindset
  • 5+ years' experience in information security, cloud security and architecture roles
  • Strong knowledge of security governance, risk and compliance frameworks (ISO 27001, NIST CSF/800‑53, NIS2, DORA)
  • Strong communication skills and ability to work with senior stakeholders
  • Experience mentoring teams or influencing security decisions
  • Google Cloud Platform (GCP) cloud‑native architecture design
  • Deep hands‑on experience with GCP security services and GCP security best practices
  • Experience architecting secure multi‑project setups and identity boundaries
  • Experience designing security for agent‑based AI systems and LLM‑integrated applications
  • Hands‑on experience with AI/LLM security controls (prompt security, model governance, secure APIs, orchestration security)
Job Responsibility:
  • Translate business, data protection and security requirements into practical architectural designs leveraging industry frameworks (NIST, ISO 27001, CIS)
  • Design and maintain cloud‑native security architectures, with deep expertise in GCP architecture, security services, and secure workload design
  • Establish secure architectural patterns and standards across cloud platforms, with specific focus on GCP IAM, VPC Service Controls, Cloud Armor, Confidential Computing, and secure workload segmentation
  • Develop security design documentation, diagrams, and rationale aligned with business and compliance requirements
  • Apply risk‑based and threat‑based approaches to recommend secure and proportionate solutions
  • Designing security architectures for agent‑based AI systems, including orchestration frameworks, tool‑use agents, and multi‑agent workflows
  • Implementing AI/LLM security controls across: Model security (input/output filtering, model guardrails), Prompt security, adversarial prompt defense, prompt isolation, API & orchestration security, including secure agent tool use, Data security for vector stores, embeddings, and retrieval services
  • Performing AI‑specific threat modelling, including: Model extraction & poisoning, Hallucination‑driven risk, Sensitive data leakage, Toxic output & jailbreak attempts
  • Advising on secure integration of AI with cloud environments, focusing on compliant, privacy‑aware design
  • Conduct comprehensive risk assessments and threat modelling for cloud and AI systems
What we offer:
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options.

Senior Cloud Security Architect

We are seeking an experienced Senior Cloud Security Architect to design, impleme...
Location:
United States, Austin
Salary:
Not provided
Dutech Systems
Expiration Date:
Until further notice
Requirements:
  • 8+ years of experience in information security and systems architecture
  • Proven experience designing secure cloud-native architectures in Amazon Web Services
  • Strong knowledge of NIST SP 800-53 and Texas Cybersecurity Framework
  • Expertise in Identity and Access Management (IAM) and Zero Trust Architecture
  • Experience performing threat modeling and security architecture reviews
  • Experience securing APIs, microservices, and containerized environments
  • Experience configuring Cloud Security Posture Management (CSPM) solutions
  • Experience implementing DevSecOps practices
Job Responsibility:
  • Design and implement secure cloud-native architectures with a strong focus on Amazon Web Services environments
  • Apply enterprise security frameworks including NIST SP 800-53 and Texas Cybersecurity Framework to ensure compliance and risk management
  • Architect and implement Identity and Access Management (IAM) and Zero Trust security models
  • Conduct threat modeling and security architecture reviews for complex distributed systems
  • Secure microservices, APIs, and containerized environments
  • Configure and manage Cloud Security Posture Management (CSPM) tools to monitor cloud security risks
  • Integrate security controls into DevSecOps pipelines to support secure software development
  • Develop and implement strategies for protecting PII, PHI, and other sensitive data
  • Support risk assessments and present security findings to executive leadership
  • Develop and maintain enterprise security architecture standards, policies, and documentation

Senior Cloud Security Architect

We are seeking an experienced Senior Cloud Security Architect to design and impl...
Location:
United States, Austin
Salary:
Not provided
Dutech Systems
Expiration Date:
Until further notice
Requirements:
  • 8+ years of experience in Information Security and Systems Architecture
  • Proven experience designing secure cloud architectures (AWS preferred)
  • Strong knowledge of NIST 800-53 and Texas Cybersecurity Framework (TCF)
  • Expertise in IAM and Zero Trust Architecture
  • Experience with threat modeling and risk analysis
  • Hands-on experience securing APIs, microservices, and containerized environments
  • Experience with CSPM tools and cloud security monitoring
  • Experience implementing DevSecOps practices
Job Responsibility:
  • Design and implement secure cloud-native architectures (AWS preferred)
  • Develop and enforce enterprise security architecture standards and policies
  • Implement and manage Identity & Access Management (IAM) and Zero Trust Architecture
  • Perform threat modeling for complex, distributed systems
  • Secure microservices, APIs, and containerized environments (Docker/Kubernetes)
  • Configure and manage Cloud Security Posture Management (CSPM) tools
  • Integrate security into DevSecOps pipelines and CI/CD workflows
  • Conduct risk assessments and present findings to leadership
  • Ensure compliance with NIST 800-53, TCF, and other security frameworks
  • Implement strategies for data protection (PII, PHI, sensitive data)