
IAM Architect – Access Management, CIAM
GuidePoint Security
full-time
Posted on:
Location Type: Remote
Location: United States
Visit company websiteExplore more
About the role
- Deploy, configure, manage, and support Okta, Auth0, Ping Identity (PingFederate, PingOne, PingOne AIC), and Microsoft Entra ID environments
- Manage user lifecycle governance including provisioning, deprovisioning, and access certification workflows
- Maintain authentication policies, authorization rules, access workflows, and security controls
- Implement and oversee Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Adaptive Authentication
- Ensure adherence to least-privilege and Zero-Trust principles for all user and application identities
- Support modern IAM capabilities such as: Just-in-Time (JIT) access provisioning, Conditional Access and risk-based authentication, API access management and OAuth/OIDC flows, Cloud-native identity federation, Identity lifecycle automation and governance, Passwordless and phishing-resistant authentication, Workforce and customer identity management (CIAM)
- Assist in building automated identity workflows for application onboarding and user access requests
- Integrate IAM platforms with AD/LDAP, cloud directories, SIEM, SCIM provisioning, SAML/OIDC applications, and cloud services (AWS/Azure/GCP)
- Onboard new applications, SaaS platforms, APIs, and services to Okta, Ping Identity, and Entra ID
- Configure identity providers (IdP), service providers (SP), federation protocols, and API gateways
- Develop automation for user provisioning, access reviews, and monitoring using PowerShell, Python, or REST APIs
- Implement access governance policies, role-based access control (RBAC), and attribute-based access control (ABAC)
- Configure and maintain directory synchronization, identity federation, and hybrid identity architectures
- Support identity threat detection, anomaly monitoring, and security incident response
- Champion projects from an ownership perspective, taking full accountability for successful delivery and client outcomes
- Drive client customer satisfaction by maintaining proactive communication, managing expectations, and ensuring quality deliverables
- Provide strategic oversight across multiple concurrent projects, ensuring alignment with client objectives and timelines
- Enhance delivery team efficiency through mentorship, technical guidance, and process optimization
- Ensure appropriate staffing on projects by assessing technical requirements and team capabilities
- Identify and mitigate project risks, escalating issues when necessary to maintain project health
- Collaborate with project managers and leadership to optimize resource allocation and project planning
- Conduct regular project health checks and implement corrective actions to keep engagements on track
- Foster strong client relationships through technical excellence and consultative approach
- Lead post-implementation reviews and capture lessons learned to continuously improve delivery practices
- Develop and refine standard operating procedures (SOPs) and templates to improve consistency and quality across engagements
- Create and maintain technical documentation, implementation guides, and best practice frameworks
- Standardize delivery methodologies and tooling to enhance team productivity and client outcomes
- Provide technical expertise during the presales process to support new business opportunities
- Assist with project scoping activities, including technical discovery and requirements gathering
- Develop Level of Effort (LOE) estimates for proposed IAM implementations and engagements
- Contribute to Statement of Work (SOW) development, ensuring technical accuracy and feasibility
- Support proposal development with technical content, solution architectures, and implementation approaches
- Act as a liaison between the sales organization and delivery practice to ensure smooth handoffs
- Participate in client-facing presentations and technical demonstrations during the sales cycle
- Provide subject matter expertise to address technical questions and concerns from prospective clients
- Collaborate with sales teams to identify opportunities for service expansion and upsell within existing accounts
Requirements
- Bachelor's degree in Computer Science, Information Security, or related field — or equivalent work experience
- 3–5+ years of experience in Identity and Access Management engineering or Consulting
- Hands-on experience with Okta (Universal Directory, Lifecycle Management, Workflows, API Access Management)
- Experience implementing Microsoft Entra ID including Conditional Access, Identity Protection, and Entra Connect
- Working knowledge of Ping Identity solutions (PingFederate, PingOne, or PingAccess)
- Strong understanding of identity governance, SSO protocols (SAML, OIDC, OAuth), MFA, and access certification
- Experience with Windows/Linux server administration and Active Directory
- Familiarity with scripting (PowerShell, Python) and REST APIs
- Knowledge of common security frameworks and access control principles.
Benefits
- Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
- Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
OktaAuth0Ping IdentityMicrosoft Entra IDSingle Sign-On (SSO)Multi-Factor Authentication (MFA)PowerShellPythonREST APIsActive Directory
Soft Skills
client satisfactioncommunicationmentorshipproject managementrisk managementcollaborationtechnical guidanceconsultative approachaccountabilityprocess optimization
Certifications
Bachelor's degree in Computer ScienceBachelor's degree in Information Security