IAM Architect

The Voleon Group

. Define and execute our identity and access management strategy across our hybrid infrastructure .

Posted 4/21/2026full-timeRemote • California, New York • 🇺🇸 United StatesSeniorLead💰 $280,000 - $310,000 per yearWebsite

Tech Stack

Tools & technologies

AWSAzureCloudGoogle Cloud PlatformKubernetesLinuxVault

About the role

Key responsibilities & impact

Define and execute our identity and access management strategy across our hybrid infrastructure
Design and implement IAM strategy across hybrid infrastructure - Linux, Kubernetes, Windows, AWS, Azure, and cloud identity providers
Architect identity solutions that bridge POSIX-based authentication with modern cloud platforms (OIDC, SAML, federation), migrating from legacy models
Implement privileged access management - just-in-time access, least privilege, periodic reviews, and accountability for shared service accounts
Extend zero-trust capabilities beyond current SASE remote access to broader infrastructure
Partner cross-functionally with Security Engineering, Infrastructure, DevOps, and Corp IT to integrate identity controls without disrupting production
Define the IAM roadmap — prioritize high-risk areas, translate business requirements into technical solutions, and establish credibility with senior engineering and research leaders
Build the IAM team - hire, mentor, and lead IAM engineers as the program scales

Requirements

What you’ll need

8+ years of experience in identity and access management, security engineering, or infrastructure engineering with focus on authentication/authorization
Deep expertise in hybrid identity architectures bridging on-premise (LDAP, FreeIPA, Active Directory) and cloud identity platforms (AWS IAM, Azure AD/Entra, Google Workspace)
Strong understanding of modern authentication protocols: OIDC, SAML, OAuth2, LDAP, Kerberos
Hands-on experience implementing identity solutions in Linux-heavy environments with POSIX requirements
Experience with cloud IAM platforms (AWS IAM / Identity Center, Azure AD, GCP IAM) including roles, policies, federation, and service accounts
Knowledge of privileged access management (PAM) tools and patterns (CyberArk, HashiCorp Vault, AWS Secrets Manager, or similar)
Understanding of zero-trust architecture principles and implementation patterns
Demonstrated ability to balance security requirements with operational workflows and production stability
Proven track record working with senior technical leaders and building organizational trust
Strong communication skills to explain complex identity concepts to both technical and non-technical stakeholders
Experience or strong interest in building and leading technical teams

Benefits

Comp & perks

medical, dental and vision coverage
life and AD&D insurance
20 days of paid time off
9 sick days
401(k) plan with a company match
Friends of Voleon Candidate Referral Program

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

identity and access managementauthenticationauthorizationhybrid identity architecturesOIDCSAMLOAuth2LinuxPOSIXprivileged access management

Soft Skills

leadershipcommunicationcollaborationmentoringtrust buildingproblem solvingbalancing security and operationscredibility establishmentcross-functional partnershiptechnical explanation