You’ll design, implement, and evolve enterprise-scale identity platforms that are secure, resilient, and intuitive to use.

- Design, implement, and support hybrid identity architectures using Active Directory, Microsoft Entra ID, and Okta.
- Architect secure authentication, authorization, and federation patterns for workforce, partner, and service identities.
- Apply least-privilege access models using RBAC, ABAC, and role lifecycle management aligned to business functions.
- Design and implement MFA, passwordless authentication, conditional access, and adaptive authentication policies that balance security and usability.
- Enable and automate joiner/mover/leaver (JML) processes and identity lifecycle workflows.
- Integrate IAM platforms with HR systems, directories, and SaaS applications.
- Support identity-related incident response, including investigation and remediation of access misuse, authentication failures, and identity compromise.
- Monitor identity signals, logs, and alerts to strengthen detection and response capabilities.
- Create clear architecture diagrams, standards, runbooks, and implementation documentation.
- Provide architectural guidance, design reviews, and best-practice recommendations to application and infrastructure teams.
What You Bring

- 7+ years of experience in security or identity architecture with deep, hands-on expertise in enterprise IAM platforms.
- Advanced experience with:
  - Active Directory (domains, forests, trusts, GPOs, authentication protocols)
  - Microsoft Entra ID (Conditional Access, MFA, Identity Protection, PIM)
  - Okta (Workforce Identity, SSO, MFA, Lifecycle Management, Workflows)
- Proven experience designing and operating hybrid AD / Entra ID architectures, including directory synchronization.
- Strong background in:
  - Identity lifecycle automation and role modeling
  - Okta application integrations, federation, and lifecycle rules
  - Risk-based access design and Zero Trust identity strategies
  - Privileged identity and access management (PIM, PAM, break-glass accounts)
  - Identity governance, access reviews, and certification at enterprise scale
  - Large-scale directory transformations and cloud migrations
  - Cloud-first and hybrid identity architecture design
- Deep understanding of identity and access protocols, including Kerberos, LDAP, SAML, OAuth 2.0, and OpenID Connect.
- Strong knowledge of Zero Trust principles and identity-centric security models.
- Ability to communicate complex technical concepts clearly to both technical and non-technical stakeholders.
- Highly organized with strong prioritization and time-management skills.
- Flexible, adaptable, and comfortable navigating shifting priorities.
- Effective in a remote or hybrid environment with limited in-person interaction.