Identity and Access Management Solution Architect

July 12, 2023


Cloud Security Services

Zero Trust • Workforce Identity and Access Management • Customer Identity and Access Management • Data Security (Rest and In Motion) • Perimeter-less Security

Description

• Support of omni-channel (Digital, Voice, Paper) standard patterns based on the target state IAM solution architecture and eco-system for client workforce members.
• Drive workforce IAM solution architecture and scoping of engineering design and scoping to support the transformation initiative.
• Create engineering diagrams to support the overall solution architecture.
• Maintain and update the overall solution architecture.
• Solution Architecture and Engineering Diagrams for technical discovery and integration with other systems (e.g., CMDB and ITSM).
• Support the development of basic use cases / role models for Day 1 (Birthright) access.
• Create engineering diagrams for implementation into IDMS.
• Support the implementation of target state digital identity records for employees, contractors, and robots.
• Provide access management architecture and engineering services.
• Support the architecture and engineering for IDMS compliance across business sectors.
• Support architecture and engineering for enhancing access recertifications for better end user experience.
• Support AD / AAD architecture and engineering requirements.
• Covers the following pattern categories for IAM:
  - Registration / Onboarding
  - Authentication
  - Authorization
  - Third-party Service/API Access & Authorization
  - Invitation-Based User Registration
  - User Access De-provisioning
  - Helpdesk Processes
  - Omnichannel Services "Overlay"
  - Directory abstraction
  - Multi-factor authentication
• Evaluation of current processes against the defined industry and leading practices including industry standards such as the National Institute for Standards and Technology (NIST) Special Publication (SP) 800-63; Digital Authentication, NIST Cybersecurity Framework (CSF) and NIST SP 800-53; Security and Privacy Controls.

Requirements

• 7-10 years’ experience working in the Identity and Access management (IAM) information security space in an architecture capacity.
• 5-7 years’ experience with the following:
  - Workforce IAM
  - Consumer IAM (CIAM)
  - Federation and single sign-on (B2B and B2C)
  - National Institute of Standards and Technology (NIST) 800-53
  - NIST 800-63
  - NIST Cybersecurity Framework (CSF)
• Experience creating high and low level IAM architecture patterns.
• Experience developing and implementing IAM strategies and roadmaps.
• Experience with major IAM platforms including:
  - Microsoft Active Directory
  - Microsoft Azure Active Directory
  - Oracle Identity Manager
  - F5 Access Policy Manager (APM)
  - Optimal IDM
• A solid understanding of access control patterns including role-based access control (RBAC) and attribute-based access control (ABAC).
• Experience consulting on all phases of a full IAM lifecycle including:
  - Book of record (BoR) to identity management system (IDMS) identity feeds.
  - IDMS to directory and application identity provisioning.
  - Application consumption of identity
• Strong written and verbal communication skills.
• Supporting communication of IAM efforts to all levels of an organization including C-Level.
• Experience with IAM governance including:
  - Information security policies and procedures
  - User lifecycle management (provisioning, de-provisioning, and maintenance)
  - User and access recertification
• Understanding of major authentication and authorization protocols including:
  - OAuth
  - OpenID Connect
  - SAML 2.0
  - Kerberos NTLM Authentication
  - Unix/Linux authentication and authorization
• Business outcomes mindset
• Directory services design experience such as AD and AAD
• Excellent interpersonal communication skills with strong spoken and written English.
• Scripting experience
• Implementation experience
• Collaborative team worker

Benefits

• 6-month remote project
