Senior IAM Architect (SailPoint IdentityNow)
Role Overview
The Senior IAM Architect (SailPoint IdentityNow) is a strategic and technical leadership role responsible for designing, implementing, and governing enterprise-wide Identity & Access Management (IAM) solutions.
This role will define future-state IAM architecture, lead RBAC and identity lifecycle transformation, and drive compliance-aligned identity governance programs across complex enterprise environments—particularly in Financial Services ecosystems.
The architect will act as a trusted advisor to CISOs, CIOs, and business leaders, ensuring identity is positioned as a core security and business enabler.
Key Responsibilities
Must have hands-on experience
1. in designing Enterprise IAM Architecture using SailPoint IdentityNow and leading IGA platforms, aligned to Zero Trust, Hybrid IAM (Cloud + On-Prem), and scalable identity governance models driving IAM transformation.
2. In as a SailPoint IdentityNow SME, implementing JML (Joiner-Mover-Leaver) workflows, Access Certifications, Policy-Based Access Controls, and developing connectors, ensuring platform optimization and performance tuning.
3. in Identity Lifecycle Management, including automated provisioning/deprovisioning, integration with HR systems, AD/LDAP, and enabling real-time access governance.
4. in RBAC design, role mining and engineering, defining business and IT roles, managing entitlements, enforcing least privilege, and implementing SoD (Segregation of Duties) frameworks.
5. in connector architecture and integration, including API-based integrations (REST/SCIM) across AWS, Azure, OCI, enterprise applications (ERP/CRM), and directories (AD/LDAP/Entra ID).
6. in aligning IAM with regulatory frameworks such as FINRA, SEC, and SOC 2, along with NIST, ISO 27001, ensuring audit readiness and compliance reporting.
7. in IAM migration and transformation, including legacy to SailPoint transitions, cloud IAM transformation, data mapping, entitlement reconciliation, and migration roadmap execution with risk mitigation.
8. in Financial/Wealth Management IAM environments, supporting regulatory compliance, trading systems, payment platforms, and ensuring customer data security and auditability.
9. in integrating IAM with SIEM, SOAR, and PAM, enabling ITDR (Identity Threat Detection & Response) and risk-based access controls using contextual signals.
10. in IAM leadership, engaging with CISO/CIO stakeholders, driving solution architecture, enabling cross-functional collaboration, and mentoring teams.
Qualifications & Experience
Experience
- 10+ years of experience in Identity & Access Management (IAM)
- 5+ years of hands-on experience with SailPoint IdentityNow / IdentityIQ
- Proven experience in large-scale IAM transformation programs
- Experience in Financial Services deployments (mandatory)
Certifications (Mandatory & Preferred)
SailPoint Certified IdentityNow Engineer (mandatory) with preferred certifications including CISSP, CISM, TOGAF, and cloud credentials across AWS, Azure, or OCI.
Technical Skills
Strong expertise in Identity Governance & Administration (IGA), RBAC/ABAC models, and end-to-end identity lifecycle management. Proficient in APIs (REST, SCIM), directory services (AD, LDAP, Entra ID), and familiar with PAM, SIEM/SOAR integrations, and cloud IAM frameworks.
Compliance & Governance Knowledge
Solid understanding of financial regulatory requirements, audit frameworks, control validation, and identity risk and compliance metrics.
Preferred Skills
Experience with leading IGA tools (Saviynt, Oracle IAM, Okta), exposure to Zero Trust architecture, and familiarity with automation, AI-driven IAM, and identity analytics.
Soft Skills
Strong analytical thinking, executive communication capability, strategic mindset with execution focus, and ability to perform in complex, high-pressure environments.
Work Location
Apply Now
Activate JobCopilot
Your email job alert is now active!