iAM Lead - Okta/Entra ID

Key Responsibilities :

- Architect and implement end-to-end IAM solutions, including identity lifecycle management, access governance, authentication, and federation.

- Design and deploy Privileged Access Management (PAM/PIM) architectures using solutions like CyberArk, BeyondTrust, Delinea, or ManageEngine, ensuring strong privileged account security.

- Develop and maintain Access Management and Federation Services using Azure AD (Entra ID), Okta, or equivalent.

- Design and implement Customer Identity (CIAM) solutions using like Okta or PingIdentity, as required.

- Define and maintain IAM reference architectures, standards, and integration blueprints across hybrid and multi-cloud environments.

- Perform IAM maturity and pre-assessment studies to evaluate organizational readiness and define target operating models.

- Collaborate with stakeholders to translate business challenges into scalable IAM/PAM architectural solutions.

- Develop custom connectors and integrations with enterprise systems and cloud platforms.

- Provide architectural governance and technical leadership to IAM delivery teams, mentoring junior consultants and ensuring best practices are followed.

- Ensure compliance with enterprise cybersecurity policies, standards, and relevant regulations.

- Contribute to business development activities by providing technical expertise and solution design support in IAM/PAM opportunities.

- Excellent verbal and written communication

- Strong client management skills

- Ability to cope with competing demands

Required Experience, Skills & Competencies:

- Experience should be between 10 to 12 years in IAM and PAM architecture

- Deep understanding of IAM and PAM architectures, frameworks, and operations.

- Hands-on expertise in tools such as for any of these CyberArk, BeyondTrust, Delinea, Azure AD (Entra ID), Okta, Saviynt, SailPoint, ManageEngine, etc.

- Strong grasp of Active Directory, Federation Services (ADFS, SAML, OIDC, OAuth2), and Zero Trust access design.

- Experience with identity lifecycle management, role-based access control (RBAC), policy-based access control (PBAC), and access governance.

- Familiarity with cloud infrastructure security across Azure, AWS, and GCP.

- Strong understanding of cybersecurity principles, least privilege, and zero-trust architecture.

- Excellent communication, documentation, and stakeholder engagement skills.

Preferred Qualifications:

- Certifications such as CISSP, CISM, Microsoft Certified: Identity & Access Administrator, CyberArk Defender/Guardian, or SailPoint Certified Engineer.

- Experience designing IAM/PAM architectures in large, hybrid enterprise environments.

- Knowledge of compliance frameworks like ISO 27001, NIST, GDPR, or SOC 2.