Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Identity and Access Management (IAM) Operations
Good to have skills : NA
Minimum
12 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary:
We are seeking an experienced IAM Manager to lead enterprise Identity & Access Management initiatives across Microsoft Entra ID (Azure AD), Active Directory, PKI, SailPoint Identity Security Cloud (ISC), CyberArk, ForgeRock, Ping Identity, and End User Provisioning. This role combines technical leadership, people management, and stakeholder engagement to ensure secure, compliant, and scalable identity services.
Roles & Responsibilities:
- Expected to be an SME.
- IAM Strategy & Leadership
- Define and execute the IAM roadmap and strategy aligned with business, security, and compliance goals.
- Act as the primary IAM point of contact for senior stakeholders, security leadership, and auditors.
- Drive adoption of Zero Trust and identity-first security principles.
- Team & Delivery Management
- Lead, mentor, and manage a team of IAM engineers and leads across IGA, PAM, and AM domains.
- Oversee delivery, operations, and continuous improvement of IAM services.
- Manage vendor relationships and coordinate with system integrators.
- Identity & Directory Services
- Provide oversight and architectural guidance for Microsoft Entra ID (Azure AD) and On-Prem Active Directory.
- Govern hybrid identity, federation, SSO, MFA, and conditional access implementations.
- Ensure high availability, resilience, and secure configurations.
- Identity Governance & Administration (IGA)
- Lead implementation and operations of SailPoint Identity Security Cloud (ISC).
- Own Joiner Mover Leaver (JML) processes and access governance frameworks.
- Ensure effective access reviews, certifications, role modeling, and Sod controls.
- Privileged Access Management (PAM)
- Provide strategic and operational oversight for CyberArk PAM platforms.
- Ensure onboarding and lifecycle management of privileged, service, and application accounts.
- Enforce least privilege, credential rotation, and privileged session monitoring.
- Access Management (AM / CIAM)
- Oversee ForgeRock and Ping Identity platforms (PingFederate, PingOne, PingAccess).
- Govern SSO, MFA, OAuth2, OIDC, SAML integrations for workforce and customer identities.
- Ensure secure API and application access patterns.
- Public Key Infrastructure (PKI)
- Govern enterprise PKI and certificate lifecycle management.
- Ensure compliance with cryptographic standards and certificate policies.
- End User Provisioning & Automation
- Drive automation of end user provisioning and de-provisioning across applications.
- Ensure seamless integration with HR systems, directories, SaaS, and on-prem applications.
- Reduce manual effort and improve user experience through workflow optimization.
- Security, Compliance & Governance
- Ensure IAM controls meet audit, regulatory, and compliance requirements.
- Lead IAM-related audits, risk assessments, and remediation activities.
- Establish KPIs, SLAs, and operational metrics for IAM services.
Professional & Technical Skills:
- 10 plus years of experience in Identity & Access Management, with 3 to 5 years in a managerial or lead role.
- Strong hands on and leadership experience with
- Microsoft Entra ID (Azure AD) and Active Directory
- SailPoint ISC
- CyberArk PAM
- ForgeRock and/or Ping Identity
- PKI and certificate management
- Proven experience managing end-user provisioning and JML automation.
- Deep understanding of IAM protocols: SAML, OAuth2, OIDC, LDAP, Kerberos.
- IAM and security certifications (SailPoint, CyberArk, Microsoft, Ping, ForgeRock).
- Experience in large enterprises or regulated environments.
- Exposure to cloud platforms (Azure preferred AWS/GCP a plus).
- Knowledge of ITIL, Agile, or Dev SecOps delivery models.
Additional Information:
- The candidate should have minimum 12 years of experience in Identity and Access Management (IAM) Operations.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
