American Tower

Principal Identity Architect

American Tower

full-time

Posted on:

Location Type: Hybrid

Location: BostonMassachusettsUnited States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $150,000 - $180,000 per year

Job Level

Lead

About the role

  • Lead the design, development, and implementation of the IGA solution and support the implementation of the PAM solution. This includes designing the integrations between the IGA solution and directory services, Human Resources department systems, and business applications.
  • Translate business and security requirements into scalable identity architectures, workflows, and automation patterns.
  • Architect robust solutions for joiner/mover/leaver processes and identity lifecycle automations.
  • Collaborate with the Security Operations team on implementing the PAM solution.
  • Work closely with Security Operations, Network, and Application teams to ensure consistent adoptions of identity patterns.
  • Implement zero trust access controls including conditional access, least privilege, and posture-based enforcement.
  • Design enterprise-wide authentication and access control frameworks for the workforce including the enhancement of multi-factor authentication, single sign-on, passwordless, and risk-adaptive authentication solutions.
  • Oversee the maintenance of the IGA and PAM solutions, such as the configuration of identity policies.
  • Work with GRC team members to define IAM and PAM standards and execute related policies in the relevant tool, including entitlement governance standards. Provide guidance for third-party access, vendor access assessments, and IAM controls testing.
  • Constructively engage with IT and business partners to drive the adoption of the IGA solution and zero trust principles.
  • Serve as subject matter expert for identity-related decisions and escalations and for identity technologies, guiding engineers, administrators, and application owners.
  • Establish standards for entitlement models, roll-based access control, segregation of duties, and certification workflows.
  • Mentor IAM and PAM engineers, analysts, and/or administrators across the organization.
  • Review system designs to ensure alignment with IAM principles and security controls.
  • Educate stakeholders about identity-related matters to increase awareness and improve processes.

Requirements

  • Bachelor’s degree or equivalent work experience required.
  • At least 10 years of identity security experience.
  • Deep modern IAM platforms experience (SailPoint preferred).
  • Strong understanding of authentication/authorization protocols and directory services.
  • Experience designing IAM solutions at enterprise scale.
  • Ability to lead enterprise-scale identity transformations.
  • Strong ability to convey complex identity concerns in a manner that is easily understood and actionable and constructively challenges prevailing thoughts and processes.
  • Must have good judgment, a sense of urgency, and a commitment to high standards of ethics, regulatory compliance, customer service, and business integrity.
  • Approximately 10% travel may be required to support the position’s responsibilities.
  • Strong organization, planning, and project management skills; ability to prioritize tasks for yourself and a team to meet requirements and deadlines.
  • Ability to work with different functional groups and levels of employees to effectively and professionally achieve results.
  • Strong leadership skills; ability to drive and motivate a team to achieve results.
Benefits
  • healthcare coverage
  • a 401(k) savings plan
  • paid time off
  • company holidays
  • sick leave
  • parental leave
  • access to an Employee Assistance Program focused on mental and financial wellness
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
identity governance and administration (IGA)privileged access management (PAM)identity lifecycle automationauthentication protocolsauthorization protocolsdirectory servicesmulti-factor authenticationsingle sign-onpasswordless authenticationrisk-adaptive authentication
Soft Skills
leadershipcommunicationorganizational skillsproject managementjudgmentsense of urgencycommitment to ethicscustomer servicecollaborationmentoring