Principal Identity Architect
American Tower, Boston, MA, United States
The Team
We are seeking a Principal Identity Architect to join American Tower’s Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in our core systems and platforms. Day to day you will lead the strategic design, development, implementation, and maintenance of our Identity Governance & Administration (IGA) solution to ensure it complies with our Identity Management Access (IAM) standards and supports the implementation of our Privileged Access Management (PAM) solution. You will be the enterprise authority on identity, authentication, authorization, and access governance. You will work with the Senior Manager, Governance, Risk, and Compliance (GRC) to define our IAM and PAM standards and drive adoption of zero trust principles. You will also partner with IT department employees to implement both solutions.
Responsibilities
Lead the design, development, and implementation of the IGA solution and support the implementation of the PAM solution, including designing integrations between the IGA system and directory services, Human Resources systems, and business applications.
Translate business and security requirements into scalable identity architectures, workflows, and automation patterns.
Architect robust solutions for joiner/mover/leaver processes and identity lifecycle automations.
Collaborate with the Security Operations team on implementing the PAM solution.
Work closely with Security Operations, Network, and Application teams to ensure consistent adoption of identity patterns.
Implement zero‑trust access controls including conditional access, least privilege, and posture‑based enforcement.
Design enterprise‑wide authentication and access control frameworks for the workforce, including enhancements to multi‑factor authentication, single sign‑on, passwordless, and risk‑adaptive authentication solutions.
Oversee the maintenance of the IGA and PAM solutions, such as configuration of identity policies.
Work with the GRC team to define IAM and PAM standards and execute related policies, including entitlement governance standards; provide guidance for third‑party access, vendor access assessments, and IAM controls testing.
Constructively engage with IT and business partners to drive adoption of the IGA solution and zero‑trust principles.
Serve as subject‑matter expert for identity‑related decisions and escalations and for identity technologies, guiding engineers, administrators, and application owners.
Establish standards for entitlement models, role‑based access control, segregation of duties, and certification workflows.
Mentor IAM and PAM engineers, analysts, and/or administrators across the organization.
Review system designs to ensure alignment with IAM principles and security controls.
Educate stakeholders about identity‑related matters to increase awareness and improve processes.
Qualifications
Bachelor’s degree or equivalent work experience required.
At least 10 years of identity security experience.
Deep modern IAM platform experience (SailPoint preferred).
Strong understanding of authentication/authorization protocols and directory services.
Experience designing IAM solutions at enterprise scale.
Ability to lead enterprise‑scale identity transformations.
Strong ability to convey complex identity concerns in a manner that is easily understood and actionable, and constructively challenges prevailing thoughts and processes.
Must have good judgment, a sense of urgency, and a commitment to high standards of ethics, regulatory compliance, customer service, and business integrity.
Approximately 10% travel may be required to support the position’s responsibilities.
Strong organization, planning, and project management skills; ability to prioritize tasks for yourself and a team to meet requirements and deadlines.
Ability to work with different functional groups and levels of employees to effectively and professionally achieve results.
Strong leadership skills; ability to drive and motivate a team to achieve results.
About Us American Tower is a global digital infrastructure company serving customers through tower sites and other real‑estate solutions that support connectivity and opportunity, focused on achieving our vision of Building a More Connected World. Our success is rooted in the potential of our people and the power of local teams at our offices and sites across 25 countries.
We are one of the largest global Real Estate Investment Trusts (REITs) and a publicly traded company (NYSE:AMT), Fortune 500 headquartered in Boston, Massachusetts. The next decade will be an exciting time as we evolve our infrastructure to meet tomorrow’s needs and position our people to elevate their impact, potential, and shared success.
For more information about how American Tower is building a more connected world, visit
americantower.com .
American Tower is proud to be an equal opportunity employer and will not discriminate against an applicant or employee based on age, sex, sexual orientation, gender identity, race, color, creed, religion, national origin or ancestry, citizenship, marital status, familial status, disability, military or veteran status, genetic information, pregnancy, reproductive decisions, or any other characteristic protected under applicable law.
American Tower is committed to fair and equitable compensation practices. Placement within the salary range is based on relevant experience, skills, certifications, job level, and location. For U.S.-based candidates only, please see the base salary range for this position listed below. This position is also eligible for annual bonus, annual equity award, and participation in the Employee Stock Purchase Plan (ESPP). For candidates outside of the U.S., salary and benefits are based upon local market practice.
American Tower also offers a comprehensive benefits package, which includes healthcare coverage, a 401(k) savings plan, paid time off, company holidays, sick leave, parental leave, and access to an Employee Assistance Program focused on mental and financial wellness.
#J-18808-Ljbffr
We are seeking a Principal Identity Architect to join American Tower’s Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in our core systems and platforms. Day to day you will lead the strategic design, development, implementation, and maintenance of our Identity Governance & Administration (IGA) solution to ensure it complies with our Identity Management Access (IAM) standards and supports the implementation of our Privileged Access Management (PAM) solution. You will be the enterprise authority on identity, authentication, authorization, and access governance. You will work with the Senior Manager, Governance, Risk, and Compliance (GRC) to define our IAM and PAM standards and drive adoption of zero trust principles. You will also partner with IT department employees to implement both solutions.
Responsibilities
Lead the design, development, and implementation of the IGA solution and support the implementation of the PAM solution, including designing integrations between the IGA system and directory services, Human Resources systems, and business applications.
Translate business and security requirements into scalable identity architectures, workflows, and automation patterns.
Architect robust solutions for joiner/mover/leaver processes and identity lifecycle automations.
Collaborate with the Security Operations team on implementing the PAM solution.
Work closely with Security Operations, Network, and Application teams to ensure consistent adoption of identity patterns.
Implement zero‑trust access controls including conditional access, least privilege, and posture‑based enforcement.
Design enterprise‑wide authentication and access control frameworks for the workforce, including enhancements to multi‑factor authentication, single sign‑on, passwordless, and risk‑adaptive authentication solutions.
Oversee the maintenance of the IGA and PAM solutions, such as configuration of identity policies.
Work with the GRC team to define IAM and PAM standards and execute related policies, including entitlement governance standards; provide guidance for third‑party access, vendor access assessments, and IAM controls testing.
Constructively engage with IT and business partners to drive adoption of the IGA solution and zero‑trust principles.
Serve as subject‑matter expert for identity‑related decisions and escalations and for identity technologies, guiding engineers, administrators, and application owners.
Establish standards for entitlement models, role‑based access control, segregation of duties, and certification workflows.
Mentor IAM and PAM engineers, analysts, and/or administrators across the organization.
Review system designs to ensure alignment with IAM principles and security controls.
Educate stakeholders about identity‑related matters to increase awareness and improve processes.
Qualifications
Bachelor’s degree or equivalent work experience required.
At least 10 years of identity security experience.
Deep modern IAM platform experience (SailPoint preferred).
Strong understanding of authentication/authorization protocols and directory services.
Experience designing IAM solutions at enterprise scale.
Ability to lead enterprise‑scale identity transformations.
Strong ability to convey complex identity concerns in a manner that is easily understood and actionable, and constructively challenges prevailing thoughts and processes.
Must have good judgment, a sense of urgency, and a commitment to high standards of ethics, regulatory compliance, customer service, and business integrity.
Approximately 10% travel may be required to support the position’s responsibilities.
Strong organization, planning, and project management skills; ability to prioritize tasks for yourself and a team to meet requirements and deadlines.
Ability to work with different functional groups and levels of employees to effectively and professionally achieve results.
Strong leadership skills; ability to drive and motivate a team to achieve results.
About Us American Tower is a global digital infrastructure company serving customers through tower sites and other real‑estate solutions that support connectivity and opportunity, focused on achieving our vision of Building a More Connected World. Our success is rooted in the potential of our people and the power of local teams at our offices and sites across 25 countries.
We are one of the largest global Real Estate Investment Trusts (REITs) and a publicly traded company (NYSE:AMT), Fortune 500 headquartered in Boston, Massachusetts. The next decade will be an exciting time as we evolve our infrastructure to meet tomorrow’s needs and position our people to elevate their impact, potential, and shared success.
For more information about how American Tower is building a more connected world, visit
americantower.com .
American Tower is proud to be an equal opportunity employer and will not discriminate against an applicant or employee based on age, sex, sexual orientation, gender identity, race, color, creed, religion, national origin or ancestry, citizenship, marital status, familial status, disability, military or veteran status, genetic information, pregnancy, reproductive decisions, or any other characteristic protected under applicable law.
American Tower is committed to fair and equitable compensation practices. Placement within the salary range is based on relevant experience, skills, certifications, job level, and location. For U.S.-based candidates only, please see the base salary range for this position listed below. This position is also eligible for annual bonus, annual equity award, and participation in the Employee Stock Purchase Plan (ESPP). For candidates outside of the U.S., salary and benefits are based upon local market practice.
American Tower also offers a comprehensive benefits package, which includes healthcare coverage, a 401(k) savings plan, paid time off, company holidays, sick leave, parental leave, and access to an Employee Assistance Program focused on mental and financial wellness.
#J-18808-Ljbffr