Workforce Identity Architect, VP
MUFG · Tampa, FL · 2 mo ago
On-siteArt & Creative$166k–$192k/yrFull-time
Key Responsibilities
- Define and maintain global workforce identity architecture using Microsoft Entra ID in hybrid and cloud-mastered environments.
- Establish standard patterns for authentication, federation, Conditional Access, and MFA.
- Design tenant-level identity integration patterns that scale across applications and regions.
- Architect and standardize Joiner / Mover / Leaver (JML) identity lifecycle patterns driven by authoritative HR sources.
- Ensure consistent provisioning, modification, and deprovisioning of workforce identities.
- Reduce orphaned, dormant, and over-provisioned access through strong lifecycle design.
- Define workforce identity governance standards, including access requests, access reviews, and separation of duties (SoD).
- Architect privileged access models for workforce identities, including PIM and Just-in-Time access.
- Ensure access models are auditable and aligned to regulatory and risk expectations.
- Leverage analytics and AI-assisted capabilities to improve role and entitlement design.
- Reduce access certification noise by improving role quality, review scoping, and access rationalization.
- Translate analytic insights into architectural improvements rather than one-off reporting.
- Define and consume workforce identity metrics, including access quality, review effectiveness, and lifecycle hygiene.
- Use metrics to continuously improve identity architecture and reduce access risk.
Required Qualifications
- 8–10+ years of experience in identity, access management, or security architecture roles.
- Deep expertise in Microsoft Entra ID architecture in hybrid environments.
- Strong experience designing JML lifecycle, identity governance, and privileged access controls.
- Ability to design auditable, regulator-defensible access models.
- Proven ability to influence across technical and non-technical stakeholders.
Preferred Qualifications
- Experience using analytics or AI-assisted tools for access optimization and certification improvement.
- Experience supporting global or federated IAM models with regional variation.
- Familiarity with regulated industries (e.g., financial services).
- Relevant identity or security certifications.