Identity & Access Management (IAM) - Security Architect at Arla Foods

Job Description

Experience: 7 to 12 Years

Work Type: Work From Home

Employment Type: Full Time

• The Identity and Access Management (IAM) Security Architect will be responsible for supporting the.
• planning, design, development and deployment of centralized identity and access management (IAM).
• PAM & identity governance & administration (IGA) solutions for R1. This is a hands-on role focused on.
• the security architecture in the IAM space supporting cloud services. This role supports the planning.
• design, and delivery of the enterprise-level IAM program in the areas of access management, privileged.
• access management, SSO, federation and cloud technologies. This role will work with teams such as.
• Development, Architecture, Security, Engineering and Operations to come up with optimized IAM.
• solutions. This is a technical position which will support the development of security strategies and architecture vision specifically setting the direction for IAM as it relates to cloud.

Roles and Responsibilities

• Provide knowledge and act as a subject matter expert on key principles of (IAM) with an in-depth.
• knowledge in the areas of authentication and authorization systems, identity lifecycle.
• management, and identity governance.
• Generate solutions and policies in support of the Identity Lifecycle Management and Identity.
• Governance, PAM, MFA for the company and consumers.
• Design and Implement IAM solution and tools to manage R1s expanding cloud identities and
• SaaS application footprints (experience implementing technologies such as SailPoint, Thycotic,
• Okta, Microsoft etc.).
• Provide infrastructure and solutions that provide optimal and secure SSO and MFA experiences.
• to employees, contractors, and consumers.
• Work with application owners to integrate application security and application roles with
• centralized IAM IDPs.
• Manage and maintain IAM tools and own identity access and governance related changes.
• Develop and deploy custom connectors for IAM tools, if needed.
• Work with multiple teams within R1 to develop, maintain and administer RBAC policies, roles and
• permissions.
• Perform tasks such as collecting logs, analyzing failure conditions, troubleshooting
• issues/incidents.
• Responsible for performing discovery audits and environment health checks, and present findings
• and remediation strategies.
• Work with Offshore teams, stakeholders, Vendors for IAM governance tasks and activities.

Skills and Experience:

• Identity and Access Management hands-on experience
• Expert knowledge of IAM, PAM & IGA technologies and knowledge of cloud identities
• In-depth understanding of modern authentication solutions using SAML/OAuth/OIDC.
• In depth knowledge of Directory services such as LDAP, Microsoft Active Directory, ADFS.
• Experience architecting IAM solutions within Microsoft Azure, Amazon Web Services (AWS),
• Google Cloud and, preferably, other cloud providers.
• Experience working with cloud security and governance tools, cloud access security brokers
• (CASBs), and server virtualization technologies.
• Federation concepts and technologies particularly with solutions from ADFS and Okta
• Strong experience with Directories, SSO, Federation, Delegated administration, API gateways,
• SOA services.
• Strong understanding of cloud computing architecture, technical design and implementations,
• including Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service
• (SaaS) delivery models.
• Able to integrate with cloud based IAM vendors.
• Familiarity with Workday and ITIL and ITSM processes and ServiceNow tool.
• Good understanding of CI and Dev Ops concepts.
• This role will be required to work in flexible shift timings supporting US business hours.

Education:

• Bachelors/Masters degree in technology and related fields.
• IAM and Security related certifications preferable.
• CISSP, CISM, and/or International Information System Security Certification Consortium, Certification is a plus.