Senior IAM Architect

Role Overview

As a Senior IAM Architect on the Corporate IT Systems Administration team, you will lead the internal IAM practice across both workforce and customer identity environments. This is a senior, hands-on role focused on designing, implementing, operating, and continuously improving identity capabilities. You will serve as the internal owner of the IAM architecture and operational direction, ensuring the environment is secure, functional, scalable, and maintainable while partnering with internal product teams and business stakeholders to evaluate and adopt new capabilities over time.

Responsibilities

• Lead the architecture, roadmap, and day-to-day maturity of the internal IAM practice across WIAM, CIAM, authentication, authorization, federation, lifecycle management, and governance.
• Own the design, implementation, operation, and continuous improvement of internal identity platforms and supporting processes.
• Translate business requirements into scalable technical controls and usable identity services as the internal owner of the access model and identity architecture.
• Partner with internal product teams to evaluate, pilot, and adopt new products and acquired capabilities in corporate and CIAM environments.
• Collaborate with IT, Security, HR, Engineering, and Product stakeholders to define identity requirements and align IAM capabilities to business needs.
• Lead role engineering efforts by analyzing business requirements, defining roles and permissions in functional terms, and ensuring system privileges map correctly to approved access models.
• Drive operational execution for SSO, MFA, federation, provisioning, deprovisioning, role assignment, access reviews, and exception handling.
• Troubleshoot complex authentication, authorization, provisioning, and access issues across applications, directories, workflows, and connected systems.
• Maintain and improve standards, procedures, controls, reporting, and documentation for IAM operations, including access reviews and change governance.
• Maintain a lab and test environment to validate new integrations, prototype capabilities, and trial new products before production rollout.
• Serve as an internal IAM thought leader and provide practical product feedback based on real enterprise use cases.

Requirements

• 8+ years of experience in Identity and Access Management, including designing, implementing, and operating both WIAM and CIAM environments.
• Proven experience owning complex IAM platforms from architecture through operations in enterprise environments.
• Experience building and maintaining DaVinci flows for WIAM and CIAM use cases.
• Strong hands-on experience with identity products in production environments, specifically PingOne SSO, PingID, PingOne MFA, PingOne Protect, and PingFederate.
• Expertise with modern identity standards and protocols such as SAML, OAuth, OpenID Connect, SCIM, LDAP, and REST-based integrations.
• Strong hands-on troubleshooting skills across authentication, federation, access, and provisioning flows.
• Experience defining and maintaining roles, permissions, and access models in business terms.
• Strong understanding of identity lifecycle processes, including joiner/mover/leaver workflows, access requests, approvals, and periodic reviews.
• Experience implementing IAM controls, reporting, and governance processes that improve auditability and risk management.
• Working knowledge of directory services, PKI/certificates, networking, system administration, and application integrations.
• Bachelor’s degree in Computer Science, Information Systems, Engineering, or equivalent practical experience.

Preferred Qualifications

• Expertise designing, implementing, and maintaining DaVinci Product flows and familiarity with the broader Ping platform ecosystem.
• Experience with PingOne Authorize, PingAccess, and PingDirectory.
• Experience serving as an internal platform owner who can evaluate new capabilities and form a point of view on architecture.
• Strong understanding of access controls, segregation of duties, least privilege, and policy-driven authorization models.
• Experience with change management, release management, and integrating IAM work into broader IT and security operating processes.
• Experience with DevOps and platform engineering practices such as Terraform, CI/CD, API integration, and cloud-native deployment models.

Benefits

• Generous PTO and holiday schedule.
• Parental leave.
• Progressive healthcare options.
• Retirement programs.
• Opportunity for education reimbursement.
• Commuter offset (specific locations).
• Flexible, collaborative work environment.
• Employee Resource Groups and community initiatives.