×
Register Here to Apply for Jobs or Post Jobs. X

AI IAM Architect

Job in Fort Mill, York County, South Carolina, 29715, USA
Listing for: LPL Financial LLC
Full Time position
Listed on 2026-06-27
Job specializations:
  • IT/Tech
    Cybersecurity, AI Engineer (Applied/Software)
Salary/Wage Range or Industry Benchmark: 153470 - 255749 USD Yearly USD 153470.00 255749.00 YEAR
Job Description & How to Apply Below

Job Overview

We are seeking an experienced Identity and Access Management (IAM) Architect with a strong AI and agent-integration focus to lead the design, proof‑of‑concept (POC), and hands‑on implementation of identity patterns for AI workloads, conversational agents, and AI platform integrations across the enterprise.

Key Responsibilities
  • Discover AI/agent identity requirements across users, services, runtimes, tools, and APIs.
  • Assess existing SSO, MFA, federation, and API authorization models; identify gaps in delegation, token lifecycle, scopes, secrets, and auditability.
  • Design enterprise IAM patterns (user context propagation, delegation chains, BFF sessions, least‑privilege access) and OAuth/OIDC client models.
  • Define standards for securing agent tools, data access, and cross‑domain integrations; align to zero trust and regulatory controls.
  • Produce architecture artifacts (CAD/HLD/PSS) and reference implementations.
  • Lead and build IAM POCs (end‑to‑end flows, token exchange, gateway enforcement, delegated agent access).
  • Configure / test identity flows; troubleshoot tokens, scopes, and integrations.
  • Implement or guide IAM integrations across gateways, BFFs, agent orchestration, and observability.
  • Transition validated patterns to IAM engineering for production rollout.
  • Define agent identity lifecycle (registration, credential rotation, revocation, environment separation).
  • Integrate IAM across AI platform components; support CI/CD and IaC for IAM configurations.
  • Establish patterns for human‑in‑the‑loop controls, break‑glass access, and rate limiting.
  • Maintain documentation, decision records, diagrams, and runbooks.
  • Deliver POC summaries, evaluations, and implementation guidance; communicate risks and dependencies.
  • Ensure regulatory compliance; partner on threat modeling and controls (secrets, PAM, audit evidence).
  • Serve as IAM SME for AI initiatives; mentor engineers.
  • Deliver production‑ready IAM patterns and reduce identity risk across AI workloads.
Requirements
  • 10+ years in IAM, security architecture, or platform engineering with significant IAM scope.
  • 2+ years building IAM POCs and troubleshooting OAuth 2.0 / OIDC flows (Auth Code + PKCE, refresh tokens, client credentials, token exchange, OBO).
  • 2+ years with Ping One AIC and/or Microsoft Entra .
  • Hands‑on experience designing identity for APIs, microservices, and BFF architectures.
  • Experience integrating IAM with API gateways, AI/ML platforms, and modern application stacks.
  • Strong knowledge of SAML, OAuth, OIDC, JWT, scopes, and authorization patterns.
  • Familiarity with agent/tool identity models and secure integration patterns.
  • Ability to translate AI requirements into secure identity designs; strong communication skills.
Preferences
  • Experience delivering AI/ML agents or copilots to production.
  • Experience with SailPoint, Cyber Ark/Delinea, or Auth0/CIAM.
  • Knowledge of AI‑aware API gateways (e.g., Kong).
  • Experience with IAM modernization or M&A programs.
  • Relevant certifications (CISSP, CCSP, Entra, Ping, SailPoint, AWS).
  • Familiarity with zero trust and identity threat detection.
Pay Range

$ – $ (actual base salary varies based on relevant skill, prior experience, education, peers, performance, and geographic location).

Equal Opportunity Employer.

#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary