Enterprise Identity & Access Management Architect
About the role
We are looking for an Enterprise Identity & Access Management Architect. You will be responsible for defining and driving the enterprise Identity & Access Management (IAM) strategy, architecture, standards, and governance across hybrid cloud, SaaS, and on-premises environments. You will partner with cybersecurity, technology, risk, and business stakeholders to deliver secure, scalable, and resilient identity capabilities that protect the firm while enabling business growth.
Why This Role Is Important To Us
The team you will be joining is part of the Security Architecture organization, a function that is critical to the firm's ability to securely deliver technology services, manage cybersecurity risk, and meet regulatory obligations. As identity remains a cornerstone of modern security and Zero Trust architectures, this role is responsible for establishing the strategic direction, governance, and architectural standards that protect enterprise identities, privileged access, and critical business services.
What You Will Be Responsible For
- Define and maintain the enterprise IAM strategy, architecture, standards, and roadmap.
- Lead the design and governance of identity services, including Identity Governance, Privileged Access Management, Authentication, Authorization, Federation, and Directory Services.
- Develop secure identity architecture patterns and reference architectures for workforce, customer, third-party, and machine identities.
- Partner with engineering, cloud, application, and cybersecurity teams to embed identity controls into enterprise platforms and services.
- Drive the adoption of Zero Trust principles, strong authentication, least privilege, and secure-by-design practices while providing architectural oversight and governance for strategic initiatives.
What We Value
- Strong security architecture and IAM domain expertise coupled with strategic thinking and sound risk-based decision-making.
- Demonstrated ability to influence enterprise-wide technology and architecture decisions.
- Strong leadership, communication, and stakeholder management skills.
- Experience leading complex, large-scale technology transformation programs across global organizations.
- Ability to balance security, operational resilience, regulatory requirements, and business enablement through practical architectural solutions.
Education & Preferred Qualifications
- Degree in Computer Science, Information Security, Information Technology, Engineering, or a related discipline.
- 10+ years of experience in cybersecurity, security architecture, Identity & Access Management, or related technology disciplines.
- Experience designing and implementing enterprise-scale IAM solutions across cloud, SaaS, and on-premises environments.
- Deep understanding of Identity Governance & Administration (IGA), Privileged Access Management (PAM), Single Sign-On (SSO), Multi-Factor Authentication (MFA), and federated identity technologies.
- Experience with leading IAM platforms including Microsoft Entra ID, SailPoint, Saviynt, CyberArk, Okta, Ping Identity, ForgeRock, or equivalent technologies.
- Professional certifications such as CISSP, CCSP, TOGAF, SABSA, SailPoint, CyberArk, or equivalent security and IAM certifications are highly desirable.
Additional Requirements
- Experience operating within highly regulated industries, preferably financial services.
- Ability to work effectively with global teams and stakeholders across multiple regions.
- Limited travel may be required based on business needs.