IAM Architect

Software Architect

Looking for a Software Architect to help us implement a new identity and access management (IAM) solution for our platform. While much of the focus of this role will consist of leading the journey into new identity and related cloud security technologies, a portion of the work will also involve defining architecture and standards for adjacencies including privileged account management, securing, and configuring tenancies, networking, encryption, and key or Certificate Management.

The role involves regular work with engineering to drive software improvements and evaluate existing and proposed technical architectures for security risk, provide technical advice to support the design and development of secure architectures and recommend security controls to mitigate those risks.

• Take the lead on our IAM architecture (SSO, authorization and permission modeling, identity management) to support high volume traffic (10+ million active users)
• Establish patterns for enforcing fine-grained access control policies across microservice APIs at scale
• Align identity and access management solutions with industry security standards, frameworks, and cloud security best practices
• Translate company policies and industry best practices into standards, reference architecture, solutions, and guidance material
• Work with security, privacy, and legal departments to ensure appropriate controls are developed, implemented, and maintained
• Support engineering teams by providing guidance and solutions
• Evangelize security and application standards
• Stay current on industry trends and cloud provider capabilities

• Developing identity management strategies, architectures and implementation plans in a hybrid on-premises/AWS microservice ecosystem
• Cloud security protocols including: OAuth, OpenID Connect, SAML federation, Single Sign-On MFA and strong authentication, AWS Config, AWS Control Tower
• Identity Provider (IdP) technologies and directories such as Active Directory Federated Services (ADFS) and AWS Cognito
• REST security concepts including OAuth, JSON, JWE, JWS, and JWT
• Have a solid understanding of Role-Based Access control and products, OAuth, Single Sign On, and related access and identity management
• Configuration of transport security, at-rest encryption and row-level options with AWS and databases (DynamoDB, PostgreSQL)
• Fluent in CICD tooling and automation capabilities
• Excellent oral and written communication skills, including presentation skills
• Ownership of your work and take pride in producing high-quality deliverables

• Instill trust: gain the confidence and trust of others through honesty, integrity, and authenticity
• Communicate effectively: develop and deliver multi-mode communications that convey a clear understanding of the unique needs of different audiences
• Customer focus: build strong customer relationships and deliver customer-centric solutions
• Drive results: consistently achieve results, even under tough circumstances

• Technical architecture experience integrating identity and access management software into cloud infrastructure and applications
• Experience in managing the security aspect of cloud deployments OR deployments of at least one identity and access management product
• Bachelor’s degree in Computer Science, Information Technology or related field, or an equivalent combination of education and work experience
• Minimum of six years of experience in progressively responsible information technology roles
• 10+ years of experience in developing software in a fast-paced company or technology consulting environment
• Experience with at least one of the following development environments/languages:
  Java / J2EE, Python, Java Script
• Strong leadership experience with a desire to collaborate and provide mentorship

• Knowledge of and experience implementing NIST, Center for Internet Security (CIS) Critical Security Controls, and/or CIS AWS Foundations Benchmark controls for identity access and management solutions.