Access Management (Entra ID, Plain ID)
Quick Overview
Job Description
CITDE (Data & Engineering) is looking for a Cloud Architect to perform, but not limited to, the following detailed scope of work.
· Architect and design enterprise access management and data privacy solutions.
· Develop and maintain architectural documentation, reference diagrams, process models, and runbooks.
· Design and implement Policy-Based Access Control frameworks such as PBAC, ABAC and RBAC using technologies like PlainID and Entra ID.
· Ensure alignment with enterprise standards and security posture frameworks.
· Implement and manage access control policies across cloud platforms.
· Integrate Entra ID Identity Governance & Administration (IGA) for:
· Identity Lifecycle
· Entitlement Management
· Delegated User Administration
· Unified Access Governance Automation
· Access Authorization
· Architect and implement unified application onboarding workflows using SailPoint.
· Design and enforce role-based access control (RBAC), PBAC, and lifecycle management.
· Design, develop, and manage authorization policies using natural language and PBAC frameworks.
· Integrate Microsoft Purview for unified data governance and privacy compliance.
· Design secure cloud architectures using Azure services, adhering to CIS, NIST, and ISO 27001 standards.
· Implement data protection strategies including encryption (at rest/in transit), secure storage, and backup/recovery.
· Ensure compliance with privacy regulations using governance and auditing tools.
· Utilize Azure-native tools for data classification, labeling, and policy enforcement.
· Implement CI/CD pipelines using Azure DevOps.
· Automate deployment, configuration, and testing using Infrastructure as Code (IaC) tools like Terraform.
· Integrate access management into DevOps pipelines for seamless CI/CD operations.
· Plan and execute policy deployments across environments using ADF Pipelines.
· Maintain developer handbooks and runbooks for authorization management.
· Collaborate with developers, QA, project managers, and stakeholders to ensure cohesive delivery.
· Use Agile/Scrum methodologies for iterative development and rapid delivery.
· Maintain documentation in collaboration tools and provide weekly status updates.
· Develop and enhance access management reporting frameworks.
· Present solutions, architecture, and progress to senior management and stakeholders.
· Provide clear, concise, and impactful presentations and documentation.
Skills Required :
· Expertise in designing end-to-end solutions that align with business needs and enterprise standards.
· Ability to create reference architecture diagrams using tools like iGrafx or Visio.
· Strong understanding of enterprise architecture frameworks such as TOGAF, Zachman, or similar frameworks.
· Deep hands-on experience in architecture and development of .Net and APIs.
· Strong hands-on experience and knowledge of IAM and Authorization technologies, such as: Entra ID, PlainID, SailPoint etc.
· Architecture and design knowledge of implementing data authorization in Salesforce.
· Proven experience in architecting and development of PBAC, ABAC and RBAC authorization Policy solutions.
· Experience with SailPoint for unified application onboarding and IGA workflows.
· Expertise in identity lifecycle management, entitlement management, and delegated administration.
· Experience with integrating SailPoint with cloud platforms and enterprise systems.
· Expertise in Microsoft Azure; experience with AWS, Google Cloud, Oracle Cloud is a plus.
· Proficiency in cloud-native security tools, network security, and threat detection.
· Experience with data protection, encryption, and compliance tools (e.g., Microsoft Purview).
· Experience with data encryption, data loss prevention policies, and secure data storage solutions across cloud platforms.
· Experience with data classification and labeling data for compliance.
· Integration of automation pipelines with access management solutions.
· Proficiency in C#, JavaScript, Python, Git.
· Experience with API integration, OAuth/JWT, and documentation tools like Swagger/OpenAPI.
· Experience with designing secure network architectures using virtual networks, firewalls, and security groups.
· Experience using cloud-native security tools for threat detection and continuous security monitoring.
· Knowledge and experience with Database security and administration (Oracle, Postgres, MSSQL, Cosmos DB).
· Exceptional presentation and communication skills.
· Ability to engage with senior management and cross-functional teams.
· Strong problem-solving and troubleshooting capabilities.
· 8+ years in IAM architecture, design, and development.
· Bachelor’s degree or higher in Computer Science or related field.
· Relevant certifications such as Microsoft Certified: Azure Fundamentals, Azure Solutions Architect Expert, Azure Security Engineer Associate, Security, Compliance, and Identity Fundamentals, AWS Certified Solutions Architect, Google Cloud Professional Architect, CISSP, or similar are highly desirable.
Skills
Similar jobs
TECHNICAL PRODUCT LEAD
Connect Tech+Talent · United States
10 minutes agoOracle Order
StratEdge It consulting INC · Sunnyvale, United States
10 minutes agoLMS Administration & Training Operations
Innovecture · United States
43 minutes agoSenior Trading Analyst
Vistra Corp · Irving, United States
1 hour agoInformation Assurance Systems Administrator
Booz Allen Hamilton · Leavenworth, United States
1 hour ago$61.9k - $141k/yrTechnical Project Lead
Seek Thermal · Santa Barbara, United States
1 hour ago