Job SummaryThe Enterprise Architect (IAM) is responsible for leading the design, integration, and implementation of Identity and Access Management solutions as part of a merger and acquisition initiative within a wealth management environment.
This role focuses on identity discovery, assessment, architecture design, and deployment of scalable, secure IAM solutions across the combined organization.
The position requires expertise in Entra ID, SailPoint IIQ/ISC, PingOne AIC, Auth0, CyberArk, and directory services, as well as experience designing SSO, MFA, and federation solutions during complex transition phases.
The architect will collaborate closely with engineering, security, infrastructure, and application teams to build an IAM strategy aligned with business and security objectives.
Key Responsibilities- Conduct discovery and assessment of the acquired organization's IAM infrastructure, including Entra ID tenants, directory services, and IAM tools.
- Assess current SSO, MFA, and federation implementations across both organizations.
- Identify gaps, risks, and areas of improvement in IAM capabilities.
- Design IAM architecture aligned with business requirements, security needs, and compliance standards.
- Develop tenant consolidation or coexistence strategies for Entra ID.
- Architect SSO, MFA, and federation solutions (SAML, OAuth, OIDC) for seamless cross-organizational access.
- Lead integration of IAM platforms including Entra ID, SailPoint IIQ/ISC, PingOne AIC, CyberArk, Delinea, Auth0, CoreView, and directory services.
- Configure and support federation protocols and secure authentication patterns.
- Collaborate with IT and security teams to ensure smooth migration and system integration.
- Develop conversion strategies for migrating users, roles, and access policies.
- Provide technical leadership during tenant migrations and IAM platform transitions.
- Maintain detailed IAM documentation, including design artifacts and operational guides.
- Communicate progress, risks, and challenges to leadership and stakeholders.
- Ensure solutions comply with relevant industry regulations and security requirements.
- Work with business, engineering, and security teams to align IAM direction with organizational goals.
- Serve as the IAM subject matter expert throughout the M&A lifecycle.
Required Qualifications- 10+ years of experience in Identity and Access Management or security architecture.
- Experience in IAM discovery, design, and integration during mergers and acquisitions.
- Experience with Entra ID tenant consolidation and cross-organization federation.
- Strong hands-on expertise with Microsoft Entra ID, including tenant management, conditional access, and MFA.
- Experience with SailPoint IdentityIQ (IIQ) and SailPoint Identity Security Cloud (ISC).
- Experience with PingOne Advanced Identity Cloud (AIC) and Auth0 for SSO, federation, and CIAM.
- Knowledge of CyberArk or Delinea for privileged access management.
- Proficiency in CoreView for Microsoft 365 management and governance.
- Strong understanding of federation protocols such as SAML, OAuth, and OIDC.
- Expertise in directory services such as Active Directory and LDAP.
- Experience designing cloud-native identity architectures across multi-cloud environments.
- Ability to translate business and security requirements into scalable IAM designs.
- Strong communication, documentation, and stakeholder engagement skills.
Preferred Qualifications- Experience with cloud migration strategies and hybrid IAM models.
- Certifications such as CISSP, CCSP, and vendor certifications in Entra, SailPoint, or similar.
- Experience with Zero Trust access models and identity threat detection capabilities.
