First American · 2 months ago
Senior Information Security Architect - Cloud IAM
Santa Ana, CA
Full-time
Onsite
Senior Level
$145K/yr - $193K/yr
7+ years expFirst American is a company that values its people and has been recognized as a great place to work. They are seeking a highly skilled Senior IAM Security Architect to join their information security architecture team, focusing on designing and managing IAM security controls in cloud environments to ensure secure user access and identity protection.
Financial ServicesInsuranceProperty InsuranceReal EstateReal Estate Investment
Responsibilities
Participate in the design of secure IAM architectures across multiple platforms (AWS, Azure, Entra ID), ensuring all components align with best practices and organizational security requirements
Design security controls for IAM, including user authentication, authorization, role management, identity federation, and privilege management across cloud and hybrid environments
Establish and maintain a Zero Trust security model for IAM, ensuring that all access requests are continuously verified, regardless of location or network
Integrate Zero Trust principles with cloud-native security tools and IAM platforms (e.g., AWS, Azure, Entra ID) to ensure seamless, secure, and dynamic access control
Automate risk-based access controls and adaptive authentication based on behavioral signals, ensuring a dynamic response to security events
Establish and enforce least privilege access principles for all roles across cloud and on-prem environments, ensuring users only have the minimal access necessary to perform their job functions
Design and implement Just-in-Time (JIT) access control mechanisms to dynamically grant access based on user needs, significantly reducing standing permission sets
Design SSO solutions that provide seamless and secure access to enterprise applications, ensuring a frictionless user experience while maintaining high security standards
Lead the adoption of modern authentication protocols (e.g., OAuth 2.0, OpenID Connect, SAML) for secure, scalable, and standardized access management across applications and systems
Design MFA solutions to enhance authentication security, applying risk-based policies to ensure strong protection for sensitive data and critical resources
Develop and integrate IAM security controls with cloud platforms such as AWS, Azure, and Entra ID, ensuring secure access management across both public and hybrid cloud environments
Leverage native security features of cloud platforms (e.g., AWS IAM, Azure AD, Entra ID) to design scalable, secure, and automated IAM solutions
Lead the migration process from Hybrid Active Directory to Entra-ID based authentication to ensure minimal disruption and proper synchronization and federation across systems
Develop and maintain security governance frameworks for IAM, focusing on identity lifecycle management, role-based access control (RBAC), user provisioning, deprovisioning, and enforcement of least privilege
Ensure proper identity governance and access reviews are conducted regularly, documenting changes and exceptions as part of compliance audits
Collaborate with cross-functional teams, including application security, network security, infrastructure, and DevOps, to integrate IAM security best practices across systems and services
Stay up to date on the latest IAM trends, security threats, and technology advancements to continuously improve IAM practices and solutions
Implement security automation tools and workflows to improve efficiency and reduce manual efforts in identity management and access control
Qualification
Required
Bachelor's degree in computer science, Information Security, or related field
7+ years of experience in IAM security, including at least 5 years of experience in IAM risk assessment, threat modeling, and security control design
Proven expertise in implementing and securing IAM solutions in cloud environments such as AWS, Azure, and Entra ID
In-depth knowledge of IAM security best practices, identity governance, and access management policies
Hands-on experience in conducting security risk assessments and threat modeling for IAM systems
Demonstrated experience in establishing least privilege access and implementing Just-in-Time (JIT) access controls across cloud and on-premises environments
Expertise in implementing and managing a Zero Trust security posture for IAM, with hands-on experience in identity validation, continuous authentication, and risk-based access controls
Strong expertise with IAM platforms such as Microsoft Entra ID (Azure AD), AWS IAM, Azure Active Directory
Experience with cloud security, integrating IAM systems with AWS, Azure, and hybrid environments
Strong understanding of IAM security controls, including role-based access control (RBAC), attribute-based access control (ABAC), policy enforcement, and Just-in-Time (JIT) provisioning
Experience in implementing and managing SSO and MFA, with expertise in modern authentication protocols such as OAuth 2.0, OpenID Connect, and SAML
Preferred
Certified Information Systems Security Professional (CISSP)
Certified Identity and Access Manager (CIAM)
Knowledge in GCP would be a nice to have
Benefits
Medical
Dental
Vision
401k
PTO/paid sick leave
Employee stock purchase plan
Company
First American
First American provides financial services through its Title Insurance and Services segment and its Specialty Insurance segment.
10001+ employees
H1B Sponsorship
First American has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2024 (3)
2023 (2)
2022 (1)
2021 (2)
2020 (5)
Funding
Current Stage
Public CompanyTotal Funding
$450M2024-09-23Post Ipo Debt· $450M
2010-06-01IPO
Leadership Team
Kenneth D. DeGiorgio
Chief Executive Officer
Jody Mulkey
Chief Technology Officer
Recent News
2025-11-18
Company data provided by crunchbase