Principal IAM Engineer
Siemens Digital Industries Software · Charlotte, NC · 2 wk ago
HybridResearchFull-time
About the role
Siemens Digital Industries Software is a leading provider of PLM software solutions used in various industries. We are now seeking a Principal IAM Architect to lead the strategic direction, architecture, and implementation of Identity and Access Management solutions.
Responsibilities
- Develop and lead the long-term IAM strategy aligned with business objectives, security frameworks, and industry best practices.
- Provide expert guidance to senior leadership on identity governance, access management, and regulatory compliance.
- Establish and enforce IAM standards, policies, and processes that ensure secure, efficient, and auditable identity workflows.
- Lead the design and deployment of IAM systems across hybrid environments, integrating on-premises infrastructure, cloud platforms (AWS, Azure), and SaaS applications.
- Architect solutions for authentication, authorization, identity federation, privileged access, and lifecycle management using industry-standard protocols (SAML, OAuth2, OpenID Connect, SCIM).
- Oversee the selection and evaluation of IAM tools and technologies, ensuring alignment with scalability, performance, and security goals.
- Design and implement robust access governance frameworks, including role management, entitlement reviews, and segregation of duties.
- Partner with legal, compliance, and audit teams to ensure IAM practices meet regulatory requirements (GDPR, HIPAA, SOX, PCI-DSS, etc.).
- Lead risk assessments, identity-related incident investigations, and mitigation strategies.
- Drive automation initiatives to streamline identity provisioning, access requests, and self-service capabilities.
- Implement advanced monitoring and reporting capabilities to ensure proactive identification of identity threats and anomalies.
- Explore and implement AI-driven identity analytics and adaptive access controls where applicable.
- Work closely with application teams, IT operations, DevOps, and cybersecurity teams to integrate IAM solutions seamlessly across systems.
- Mentor and coach junior architects, engineers, and security teams to build identity management capabilities.
- Act as a liaison between technical teams and business stakeholders, translating complex identity issues into actionable solutions.
- Continuously review and optimize IAM processes to reduce risk, enhance efficiency, and improve user experience.
- Lead initiatives for Zero Trust architecture adoption and identity-driven security models.
- Provide thought leadership on emerging identity technologies, industry trends, and advanced security techniques.
Qualifications
- Bachelor’s or master’s degree in computer science, Cybersecurity, Information Systems, or a related field.
- 15+ years of experience in IAM architecture, with at least 3–5 years in a senior or leadership role!
- Extensive experience in architecting scalable SaaS CIAM software.
- Proven experience in designing and implementing enterprise-scale IAM solutions across diverse environments.
- Deep knowledge of authentication protocols (SAML, OAuth2, OpenID Connect, SCIM, Kerberos).
- Hands-on experience with IAM platforms such as Okta, Azure AD, SailPoint, Ping Identity, ForgeRock, or similar.
- Experience integrating identity solutions with cloud platforms (AWS IAM, Azure AD, Google Identity) and hybrid infrastructures.
- Expertise in access governance, compliance frameworks, risk management, and identity lifecycle management.
- Strong programming or scripting skills (Python, PowerShell, etc.) to support automation and integrations.
- Excellent leadership, communication, and stakeholder management skills!
- Industry certifications such as CIAM, CISSP, CISM, or vendor-specific certifications (Okta, Azure Security, AWS Certified Security).
- Experience in Zero Trust frameworks and identity-based security architectures.
- Familiarity with DevSecOps practices and tools for CI/CD integration.
- Background in highly regulated sectors like financial services, healthcare, or government.
- Strong development and system design experience
- Experience in developing software using technology stacks like Java, C#, Python, Spring Boot, AWS services, Kubernetes
- Experience and ability to build and design an Auth server
Benefits
We offer a variety of health and wellness benefits, flexible work arrangements, and competitive compensation packages. For more details, visit our benefits page.