Identity and Access Management

Cloud Security Services is looking for an experienced Identity and Access Management (IAM) Solution Architect to assist Client with a multi-year IAM transformation initiative. Candidate must have a strong background in designing IAM architecture for large, complex environments. This is a 6-month remote project.   Responsibilities · Support of omni-channel (Digital, Voice, Paper) standard patterns based on the target state IAM solution architecture and eco-system for client workforce members. · Drive workforce IAM solution architecture and scoping of engineering design and scoping to support the transformation initiative. · Create engineering diagrams to support the overall solution architecture. · Maintain and update the overall solution architecture. · Solution Architecture and Engineering Diagrams for technical discovery and integration with other systems (e.g., CMDB and ITSM). · Support the development of basic use cases / role models for Day 1 (Birthright) access. · Create engineering diagrams for implementation into IDMS. · Support the implementation of target state digital identity records for employees, contractors, and robots. · Provide access management architecture and engineering services. · Support the architecture and engineering for IDMS compliance across business sectors. · Support architecture and engineering for enhancing access recertifications for better end user experience. · Support AD / AAD architecture and engineering requirements.   Covers the following pattern categories for IAM; o Registration / Onboarding o Authentication § Authorization o Third-party Service/API Access & Authorization o Invitation-Based User Registration o User Access Delegation o User De-provisioning o Helpdesk Processes o Omnichannel Services "Overlay" o Directory abstraction o Multi-factor authentication · Evaluation of current processes against the defined industry and leading practices including industry standards such as the National Institute for Standards and Technology (NIST) Special Publication (SP) 800-63; Digital Authentication, NIST Cybersecurity Framework (CSF) and NIST SP 800-53; Security and Privacy Controls.   Required Skills · 7-10 years’ experience working in the Identity and Access management (IAM) information security space in an architecture capacity. · 5-7 years’ experience with the following: o   Workforce IAM o   Consumer IAM (CIAM) o   Federation and single sign-on (B2B and B2C) o   National Institute of Standards and Technology (NIST) 800-53 o   NIST 800-63 o   NIST Cybersecurity Framework (CSF) · Experience creating high and low level IAM architecture patterns. · Experience developing and implementing IAM strategies and roadmaps. · Experience with major IAM platforms including: o   Microsoft Active Directory o   Microsoft Azure Active Directory o   Oracle Identity Manager o   F5 Access Policy Manager (APM) o   Optimal IDM · A solid understanding of access control patterns including role-based access control (RBAC) and attribute-based access control (ABAC). · Experience consulting on all phases of a full IAM lifecycle including: o   Book of record (BoR) to identity management system (IDMS) identity feeds. o   IDMS to directory and application identity provisioning. o   Application consumption of identity · Strong written and verbal communication skills. · Supporting communication of IAM efforts to all levels of an organization including C-Level. · Experience with IAM governance including: o   Information security policies and procedures o   User lifecycle management (provisioning, de-provisioning, and maintenance) o    User and access recertification · Understanding of major authentication and authorization protocols including: o   OAuth o   OpenID Connect o   SAML 2.0 o   Kerberos NTLM Authentication o   Unix/Linux authentication and authorization · Business outcomes mindset · Directory services design experience such as AD and AAD · Excellent interpersonal communication skills with strong spoken and written English. · Scripting experience · Implementation experience · Collaborative team worker Powered by JazzHR