Principal Identity Architect

About the position Responsibilities • Architect and lead the enterprise-wide Zero Trust identity strategy, aligning with business goals and regulatory requirements, minimizing risks and enhancing the organization's ability to protect assets in distributed and cloud-native environments. • Design and implement identity-centric security controls and policies, including identity federation, adaptive authentication, privileged access management, and overall user, workload and device identity governance. • Integrate ABAC and PBAC to ensure continuous verification and enforcement of least privilege access. • Collaborate with the security governance and compliance teams to ensure that IAM and cloud security initiatives comply with relevant industry standards. • Lead security assessments, audits, and threat modeling related to identify and mitigate vulnerabilities within cloud and identity systems. • Assess and improve current IAM frameworks. • Collaborate with cross-functional teams (information security, network, cloud, and applications) to integrate identity into the broader Zero Trust architecture. • Serve as a thought leader and trusted advisor to senior leadership on identity security trends, threats, and best practices. • Mentor junior architects and engineers, fostering a culture of identity-security-first thinking. Requirements • Education: Bachelor's or master's degree in computer science, Cyber Security, or related field. • 10+ years of IT experience with identity and cybersecurity architecture, with a focus on IAM, Cloud Security, Zero Trust methodologies, and advanced access control models (ABAC/PBAC). • Information Security certification are a definite plus; Experience with infrastructure as code, CI/CD pipelines, Cyber Security practices; Familiarity with compliance frameworks (GDPR, SOX, etc.). • Technical Expertise: Identity Governance, Administration and Orchestration tools; Access control modeling such as RBAC and PBAC; Familiarity with NIST standards; Proficiency in scripting and automation tools; Deep understanding of Zero trust architecture, Application based segmentation; Expertise in Identity Federation protocols such as SAML, SCIM, OpenID, OAuth, LDAP. • Significant experience with Microsoft Entra ID, Entra Governance, Azure workloads security, Legacy Active Directory, M365 Conditional Access, Intune, JAMF, Workspace One, Cloud infrastructure automation, Zscaler ZTNA, Nextgen SIEM tooling, Risk scoring, etc. Benefits • Comprehensive traditional benefits package including three options for medical insurance, dental, vision, life insurance, and 401K. • Opportunities for online learning and development courses. • Tuition reimbursement. • $100 monthly student loan support. • Various mentorship programs. • Yearly $1,000 lifestyle reimbursement. • 4 weeks of vacations. • 12 holidays. • Generous parental leave. Apply tot his job