$150K — $200K *
About the Role:
The Identity and Access Management (IAM) Architect will serve as technical expert responsible for design & implementation of identity management applications and enterprise platforms. The position entails both direct delivery and business development efforts. The ideal candidate will be able to help design, monitor and maintain world-class Identity and Access Management solutions. In this role, the ideal candidate will manage standards for our clients’ overall identity application integration, middleware interfaces and architecture. They will lead the collection of business requirements and the design / development of Identity and Access Management (IAM) solutions. Architectural design will include physical design, technology selection and deployment strategy. They will assist with the development of roadmaps within the program discipline. They will partner with other IAM architects on Avanade initiatives and coordinate communications with internal and external teams. The IAM Architect will participate in business process evaluation/improvement activities, requirements gathering, system analysis, system design, software / hardware applicability studies and system implementation and executes projects based on these activities. They will provide input into the technology plans for the organization and ensure that plans for their assigned applications integrate effectively with other aspects of the technical infrastructure. They will assist or lead in defining systems solutions to functional problems that conform to established system architecture standards and practices. The candidate ensures the successful transition of project deliverables to support / maintenance /operations teams.
· Lead response to RFPs, scope security programs and assist in closing sales opportunities.
· Advise clients on the security implications of compliance and regulations such as OSFI, ISO, NIST, PCI, PIPEDA, GDPR etc.
· Leverage industry leading tools and Avanade partners to consult on Digital Identity security domain that may also include topics related to Identity Governance & Administration (IGA)
· Actively seek and nurture opportunities for business development.
· Actively participate in development of cyber security offerings.
· Actively lead multiple engagements simultaneously and seamlessly.
· Be the “Trusted Advisor” on best practices to protect Identity.
· Identify appropriate technology/data sources and drive the collection of data necessary to effectively evaluate threats
· Work closely with enterprise architects to identify and mitigate risks, perform security reviews, design premier security practices, and deliver strategic, innovative cloud-based security offerings
· Develop metrics that will measure current risk
· Analyze user and synthetic behaviors across identity providers to inform security decisions
· Carry out threat and risk assessments (TRAs) and develop security architecture to mitigate threats
· Support other Information Security service duties as assigned
The ideal team member will have a solid foundation across Microsoft technology stack and Azure security offerings. You will articulate security and risk-related concepts to key stakeholders using your experience and willingness to learn the following:
· 10+ years of work experience in the Digital Identity security domain including but not limited to On-Premises, Hybrid and Cloud only models, including hands-on technical management
· MSC on Cyber-Security or a Bachelor’s degree in Computer Science/Engineering or equivalent experience plus at least 8 years of work experience
· Experience building and managing a team of security professionals
· In-depth experience in medium to complex computing environments, with advanced knowledge in security technologies and services
· Cloud Technology experience with Microsoft Azure (IaaS/PaaS/SaaS)
· Design and manage deployments of IGA tools from partners such as Microsoft, SailPoint, ForgeRock, Okta, CyberArk, PingIdentity, Savyint.
· Implement compliance frameworks such as ISO/IEC 27001, NIST 800-53, PCI DSS, HITRUST, FedRamp
· Integrate ILM, DAG, ITSM, SoD, and stand-alone tools to support full-featured IGA
· Extensive understanding of IAM concepts such as directory services, RBAC, SSO, federation, MFA, provisioning, access certification
· Data & analytics tools – Log Analytics, Azure Sentinel, AI/ML, Microsoft Defender for Identity
· Security architecture and design
· Solid grasp of security standard methodologies
· Proven implementation of cloud security models, particularly identity, network, and encryption
· Business case development skills for justifying, prioritizing & forecasting the funding requirements for security programs and initiatives
· Demonstrated experience in developing and implementing information security programs
· Ability to work with teams both on shore and offshore, using remote collaboration technologies
· Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change
· Deep knowledge on Azure Active Directory,
· Knowledge of SAML, OpenID Connect, OAuth, JSON, SPML, SCIM, XACML integration standards.
· Experience with domain migrations and consolidations: Merger and Acquisition projects (M&A)
· Knowledge of Red Forest model (Enhanced Security Administrative Environment)
· Identity Lifecycle Management
· Good to have experience with the following Identity and Access Management products: Sailpoint IdentityIQ, FIM/MIM DirSync, Quest ARS, CyberArk, ForgeRock, Ping, Okta and Saviynt
One or more of the following
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Cloud Security Professional (CCSP)
• MCSE Core Infrastructure
• MCSE Cloud and Infrastructure
• Microsoft Azure Security Technologies (Exam AZ-500)
• Microsoft Azure Administrator (AZ-103 / AZ-104)
• Microsoft 365 Identity and Services (MS-100)
Valid through: 6/29/2021