Identity and Access Management (IAM) Solution Architect

Cloud Security Services is looking for an experienced Identity and Access Management (IAM) Solution Architect to assist Client with a multi-year IAM transformation initiative. Candidate must have a strong background in designing IAM architecture for large, complex environments. This is a 6-month remote project.

Responsibilities

· Support of omni-channel (Digital, Voice, Paper) standard patterns based on the target state IAM solution architecture and eco-system for client workforce members.

· Drive workforce IAM solution architecture and scoping of engineering design and scoping to support the transformation initiative.

· Create engineering diagrams to support the overall solution architecture.

· Maintain and update the overall solution architecture.

· Solution Architecture and Engineering Diagrams for technical discovery and integration with other systems (e.g., CMDB and ITSM).

· Support the development of basic use cases / role models for Day 1 (Birthright) access.

· Create engineering diagrams for implementation into IDMS.

· Support the implementation of target state digital identity records for employees, contractors, and robots.

· Provide access management architecture and engineering services.

· Support the architecture and engineering for IDMS compliance across business sectors.

· Support architecture and engineering for enhancing access recertifications for better end user experience.

· Support AD / AAD architecture and engineering requirements.

Covers the following pattern categories for IAM;

oRegistration / Onboarding

oAuthentication § Authorization

oThird-party Service/API Access & Authorization

oInvitation-Based User Registration

oUser Access Delegation

oUser De-provisioning

oHelpdesk Processes

oOmnichannel Services "Overlay"

oDirectory abstraction

oMulti-factor authentication

· Evaluation of current processes against the defined industry and leading practices including industry standards such as the National Institute for Standards and Technology (NIST) Special Publication (SP) 800-63; Digital Authentication, NIST Cybersecurity Framework (CSF) and NIST SP 800-53; Security and Privacy Controls.

Required Skills

· 7-10 years’ experience working in the Identity and Access management (IAM) information security space in an architecture capacity.

· 5-7 years’ experience with the following:

o   Workforce IAM

o   Consumer IAM (CIAM)

o   Federation and single sign-on (B2B and B2C)

o   National Institute of Standards and Technology (NIST) 800-53

o   NIST 800-63

o   NIST Cybersecurity Framework (CSF)

· Experience creating high and low level IAM architecture patterns.

· Experience developing and implementing IAM strategies and roadmaps.

· Experience with major IAM platforms including:

o   Microsoft Active Directory

o   Microsoft Azure Active Directory

o   Oracle Identity Manager

o   F5 Access Policy Manager (APM)

o   Optimal IDM

· A solid understanding of access control patterns including role-based access control (RBAC) and attribute-based access control (ABAC).

· Experience consulting on all phases of a full IAM lifecycle including:

o   Book of record (BoR) to identity management system (IDMS) identity feeds.

o   IDMS to directory and application identity provisioning.

o   Application consumption of identity

· Strong written and verbal communication skills.

· Supporting communication of IAM efforts to all levels of an organization including C-Level.

· Experience with IAM governance including:

o   Information security policies and procedures

o   User lifecycle management (provisioning, de-provisioning, and maintenance)

o    User and access recertification

· Understanding of major authentication and authorization protocols including:

o   OAuth

o   OpenID Connect

o   SAML 2.0

o   Kerberos NTLM Authentication

o   Unix/Linux authentication and authorization

· Business outcomes mindset

· Directory services design experience such as AD and AAD

· Excellent interpersonal communication skills with strong spoken and written English.

· Scripting experience

· Implementation experience

· Collaborative team worker