|
Ampcus Inc. is a certified global provider of a broad range of Technology and Business consulting services. We are in search of a highly motivated candidate to join our talented Team. Job Title: IAM - Senior Lead / Architect Location(s): Seattle, WA Description
- 15+ years of experience required.
What You'll Do
- Define and own the target-state architecture and reference designs for the enterprise identity security platform across BeyondTrust (Password Safe, EPM, PRA), Microsoft Entra ID, Active Directory, and SailPoint IdentityNow (IDN).
- Lead the architecture and deployment strategy for large-scale identity security modernization initiatives, including privileged access transformation, identity governance modernization, cloud identity adoption, Active Directory and hybrid identity modernization, and Zero Trust identity implementations.
- Establish architecture standards, design patterns, integration blueprints, and governance guardrails for engineering teams, while serving as the design authority through architecture and design reviews.
- Develop migration and deployment strategies, including sequencing, cutover planning, rollback procedures, and risk mitigation, to transition large user populations and enterprise systems to modern identity platforms with minimal business disruption.
- Architect integrations across identity platforms, cloud environments (Azure, AWS, GCP), and enterprise/SaaS applications using APIs and identity standards such as SAML, OAuth 2.0/OpenID Connect (OIDC), SCIM, Kerberos, and LDAP.
- Drive enterprise adoption of phishing-resistant authentication and least-privilege privileged access management (PAM) architecture.
- Collaborate with engineering, security architecture, cloud/platform teams, product management, and program management to convert architectural vision into executable delivery roadmaps.
- Provide technical leadership to engineering teams by reviewing solution designs and implementations to ensure compliance with architectural and security standards.
- Identify, document, and communicate architectural risks, dependencies, and trade-offs to technical teams and executive stakeholders.
- Ensure identity security solutions align with enterprise security, compliance, and data governance requirements.
- Utilize AI-powered tools to improve architecture analysis, solution evaluation, and technical documentation.
Required Qualifications
- Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or equivalent experience.
- 15+ years of experience in security or identity engineering, including significant experience as an Identity or Security Architect in large enterprise environments.
- Proven experience leading enterprise-scale identity security modernization initiatives from architecture through production deployment.
- Deep expertise in at least two of the following platforms, with working knowledge of the others:
- BeyondTrust
- Microsoft Entra ID
- Active Directory
- Okta
- SailPoint IdentityNow (IDN)
- Strong knowledge of identity and access management concepts, including:
- Authentication and authorization protocols (SAML, OAuth 2.0/OIDC, SCIM, Kerberos, LDAP)
- Identity federation
- Multi-factor authentication (MFA) and phishing-resistant authentication
- Role-Based and Attribute-Based Access Control (RBAC/ABAC)
- Least privilege principles
- Tiered administration
- Zero Trust architecture
- Experience designing and executing identity integrations and migrations across hybrid and multi-cloud environments.
- Experience establishing enterprise architecture standards and serving as the design authority across multiple engineering teams.
- Excellent communication and stakeholder management skills with the ability to present architectural decisions and trade-offs to both technical and executive audiences.
- Ability to work independently in a fast-paced environment managing multiple concurrent initiatives.
Preferred Qualifications
- Industry certifications such as CISSP, SABSA, TOGAF, Microsoft Identity & Access Administrator (SC-300), or SailPoint Certified Engineer.
- Experience with Infrastructure as Code (Terraform, Ansible) and CI/CD pipelines supporting identity platform deployments.
- Experience with Identity Threat Detection and Response (ITDR) and integrating identity telemetry into SIEM/SOAR platforms.
- Experience supporting large-scale retail, e-commerce, or other high-transaction enterprise environments.
Ampcus is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veterans or individuals with disabilities.
|