Principal Identity Architect

Eliassen Group, Boston, MA, United States


Description: Hybrid Tues, Wed, Thurs onsite in Boston, MA

The organization seeks a Principal Identity Architect to lead enterprise identity strategy and execution across Identity Governance and Administration and Privileged Access Management. The role will design scalable identity architectures, automate lifecycle processes, and implement zero trust controls including MFA, SSO, and conditional access. The Principal will partner across security, IT, and application teams to drive adoption of standards and serve as the subject matter expert for identity, authentication, authorization, and access governance.

This is a full-time, permanent opportunity, offering a competitive salary and comprehensive benefits package. Qualified applicants must be willing and able to work on a W2 basis.

Salary: $150,000 - $180,000/yr. W2

Responsibilities:

- Lead the design, development, and implementation of the Identity Governance and Administration solution and support the implementation of the Privileged Access Management solution.
- Design integrations between the IGA solution and directory services, HR systems, and business applications.
- Translate business and security requirements into scalable identity architectures, workflows, and automation patterns.
- Architect solutions for joiner, mover, and leaver processes and identity lifecycle automation.
- Collaborate with the Security Operations team on PAM solution implementation.
- Work with Security Operations, Network, and Application teams to ensure consistent adoption of identity patterns.
- Implement zero trust access controls including conditional access, least privilege, and posture-based enforcement.
- Design enterprise-wide authentication and access control frameworks including enhancements to MFA, SSO, passwordless, and risk-adaptive authentication.
- Oversee maintenance of IGA and PAM solutions including configuration of identity policies.
- Partner with GRC to define IAM and PAM standards and execute related policies and entitlement governance standards.
- Provide guidance for third-party and vendor access assessments and IAM controls testing.
- Engage IT and business partners to drive adoption of the IGA solution and zero trust principles.
- Serve as SME for identity-related decisions and technologies, guiding engineers, administrators, and application owners.
- Establish standards for entitlement models, RBAC, segregation of duties, and certification workflows.
- Mentor IAM and PAM engineers, analysts, and administrators.
- Review system designs for alignment with IAM principles and security controls.
- Educate stakeholders on identity-related matters to increase awareness and improve processes.

Experience Requirements:

- 10 years of experience in identity security.
- Deep expertise with modern IAM platforms, with SailPoint preferred.
- Strong understanding of authentication and authorization protocols and directory services.
- Experience designing IAM solutions at enterprise scale.
- Proven ability to lead enterprise-scale identity transformations.
- Ability to convey complex identity concerns in an actionable manner and constructively challenge prevailing processes.
- Demonstrated judgment, urgency, and commitment to ethics, regulatory compliance, customer service, and business integrity.
- Approximately 10% travel.
- Strong organization, planning, and project management skills with the ability to prioritize to meet deadlines.
- Ability to work across functional groups and levels to achieve results professionally.
- Strong leadership skills with the ability to drive and motivate teams.

Education Requirements:

Bachelor's degree or equivalent work experience.