Identity Architecture & Engineering

Design and deploy scalable IAM solutions (SSO, MFA, RBAC).

Manage identity lifecycle: onboarding, offboarding, access reviews, and certification.

Integrate IAM with enterprise apps, cloud platforms (Azure AD, AWS IAM), and third-party services.

Security Operations & Automation

Develop automation for identity provisioning, de-provisioning, and access governance.

Implement and manage Privileged Access Management (PAM) tools.

Enforce least-privilege access as part of Zero Trust Architecture.

Monitoring, Detection & Incident Response

Monitor identity events via SIEM and analytics tools.

Investigate incidents and access violations; lead remediation efforts.

Perform root cause analysis and apply corrective measures.

Compliance & Governance

Ensure compliance with GDPR, PCI-DSS, ISO 27001, and other standards.

Maintain audit trails, access logs, and documentation for audits.

Support risk assessments, policy development, and security training.

Collaboration & Continuous Improvement

Collaborate with DevOps, IT, and Security to embed IAM in CI/CD pipelines.

Mentor junior staff and promote security best practices.

Stay updated on emerging identity security trends and threats.

Required Qualifications

Handson experience in IAM, cybersecurity, or related engineering roles.

Expertise in IAM protocols: SAML, OAuth2, OpenID Connect, LDAP, SCIM.

Hands-on with Azure AD, Active Directory, AWS IAM, or GCP IAM.

Experience with PAM tools like CyberArk, BeyondTrust, or HashiCorp Vault.

Proficient in scripting/automation (PowerShell, Python, etc.).

Strong knowledge of Zero Trust principles and identity governance.