Job Description:
• Lead the architecture, design, implementation, and operation of enterprise IAM solutions across on-premises and cloud environments.
• Drive adoption of a Zero Trust, identity-centric security model, including least privilege access, continuous authentication, and adaptive access controls.
• Partner with Security Engineering teams to implement and manage Privileged Access Management (PAM) solutions, including credential vaulting, session monitoring, and just-in-time (JIT) access.
• Own and automate identity lifecycle processes (Joiner-Mover-Leaver) to ensure timely, secure, and auditable access.
• Collaborate with Product Engineering, Infrastructure, Cloud, HR, and Cybersecurity teams to deliver IAM initiatives end-to-end.
• Lead cross-functional initiatives, influence stakeholders, and translate complex IAM concepts for both technical and non-technical audiences.
• Maintain and evolve IAM standards, policies, documentation, and procedures to support operational consistency, compliance, and audits.
• Provide clear, consistent communication and reporting on IAM posture, risks, and progress to leadership and stakeholders.
• Oversee user onboarding, offboarding, access changes, and periodic access reviews to ensure compliance and audit readiness.
• Manage certificates, secrets, and cryptographic keys across applications, infrastructure, and cloud platforms.
• Implement and govern privileged identities, credential vaulting, JIT access, and privileged session management capabilities.
Requirements:
• Bachelor’s degree in Computer Science, Cybersecurity, or a related technical field preferred, or equivalent combination of education and experience.
• Hands-on experience implementing SSO and MFA using Entra ID, Okta (preferred), or similar platforms.
• Strong understanding of modern authentication and identity federation protocols, including SAML, OIDC, OAuth2, WebAuthn/FIDO2, and LDAP.
• Experience implementing and managing Privileged Access Management (PAM) solutions such as CyberArk, BeyondTrust, or similar tools.
• Experience with AWS IAM models; Azure identity model experience preferred.
• Working knowledge of mTLS, certificates, RADIUS, and Kerberos.
• Expertise with Active Directory, Entra ID, LDAP, and cloud directory services and their integration with modern IAM solutions.
• Experience scripting and automation using PowerShell, Python, Bash, or similar languages.
• CISSP, CISA, and/or CISM certifications preferred.
Benefits:
• Flexible Work: Fully remote opportunity (from approved locations within the U.S.) with a company that cares.