You will be the technical authority defining and implementing advanced identity and access management strategies.
Responsibilities
Assess identity maturity and define target architectures across workforce, customer, workload, and machine identities under Zero Trust (NIST SP 800-207).
Design adaptive access controls (risk-based, context-aware, passwordless/FIDO2, device trust) for web, mobile, and legacy applications.
Implement workload identity (mTLS, SPIFFE/SPIRE, PKI) for microservices running on Kubernetes and serverless platforms.
Integrate Identity Governance and Administration (IGA), Privileged Access Management (PAM), and ITDR solutions to restrict privileges and lateral movement.
Create multi-tenant reference architectures and runbooks for managed identity services, defining SLAs and KPIs.
Required Skills
6+ years in cybersecurity with 6+ years focused on Identity & Access.
Deep knowledge of SAML, OAuth X.X, OpenID Connect, SCIM, and FIDO2/WebAuthn.
Hands-on experience with Microsoft Entra ID, Okta, Ping, and ForgeRock.
Experience with IGA platforms such as SailPoint or Saviynt, and PAM tools like CyberArk.
Proficiency in cloud and workload identity across Azure, AWS, and GCP, including secrets management.
Familiarity with CIEM/permissions management (e.g., Entra Permissions Management) and ITDR.
Knowledge of API authorization using Policy as Code (e.g., OPA) for event-driven architectures.
Proven ability to integrate identity telemetry with SIEM/SOAR/MDR tools like Microsoft Sentinel or Splunk.
Preferred Skills
Experience leading complex identity migrations and M&A integrations.
Familiarity with IoT/OT device identity provisioning and attestation.