GCP IAM Architect jobs in United States

Publicis Sapient · 1 day ago

GCP IAM Architect

Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state. They are seeking a GCP IAM Architect to design and implement IAM strategies and solutions on GCP, ensuring security and compliance while managing cloud infrastructure and automation processes.

Artificial Intelligence (AI), Consulting, Database, Enterprise
H1B Sponsor Likely

Responsibilities

Design and implement comprehensive IAM strategies and solutions on GCP, including Google Cloud Identity, IAM roles and policies, organization policies, deny policies, and Workload Identity Federation
Configure and manage federated identity solutions using PingFederate to enable seamless SSO between on-premises Active Directory and GCP services
Implement and manage OIDC Federation, SAML-based authentication, and OAuth 2.0 flows for enterprise applications
Design and deploy role-based access control (RBAC) frameworks, custom IAM roles, and least-privilege access models across GCP organizations and projects
Configure and manage Google Cloud Directory Sync (GCDS) for automated user and group provisioning from Active Directory to Google Cloud Identity
Implement service account management strategies, including key rotation, impersonation policies, and workload identity configurations
Establish and enforce security best practices for IAM, including conditional access policies, context-aware access controls, and security key enforcement
Design and implement encryption strategies using GCP Cloud KMS and HashiCorp Vault for secrets management
Implement network security controls including VPC Service Controls, private Google access, and secure connectivity patterns
Ensure compliance with security frameworks and regulatory requirements through proper IAM configurations and audit logging
Design, implement, and manage scalable cloud infrastructure solutions on GCP platform aligned with IAM requirements
Automate IAM provisioning, configuration, and lifecycle management using Infrastructure as Code (IaC) tools such as Terraform
Collaborate with software engineering teams to integrate IAM requirements into application architectures and CI/CD pipelines
Develop automated workflows for user onboarding/offboarding, access reviews, and privilege management
Implement monitoring and alerting for IAM-related events using Cloud Logging, Cloud Monitoring, and Security Command Center
Conduct regular access reviews, privilege audits, and IAM policy optimizations
Troubleshoot and resolve complex issues related to authentication, authorization, federation, and access management
Monitor and optimize cloud infrastructure resources to ensure performance, availability, and cost-efficiency
Develop and maintain comprehensive documentation for IAM architectures, federation configurations, and operational procedures
Establish IAM standards, policies, and governance frameworks aligned with organizational security requirements
Stay current with GCP IAM capabilities, authentication protocols, and industry best practices
Provide technical leadership and guidance to development and operations teams on IAM best practices

Qualification

GCP IAM technologies, PingFederate configuration, Authentication protocols, Google Cloud Directory Sync, HashiCorp Vault, Infrastructure as Code, GCP security services, Identity lifecycle management, Access governance, Privileged access management

Required

Extensive hands-on experience with GCP IAM technologies, including Google Cloud Identity, IAM policies, organization policies, Workload Identity Federation, and service account management
Proven experience configuring and managing PingFederate for enterprise SSO and federated identity integration with Active Directory
Deep understanding of authentication and authorization protocols: SAML 2.0, OAuth 2.0, OIDC, and JWT
Strong experience with Google Cloud Directory Sync (GCDS) for AD integration and user provisioning
Hands-on experience with HashiCorp Vault and GCP Cloud KMS for secrets and key management
Proficiency with Infrastructure as Code using Terraform for IAM resource provisioning
Experience with GCP security services: VPC Service Controls, Security Command Center, Policy Intelligence, and Cloud Asset Inventory
Strong understanding of identity lifecycle management, access governance, and privileged access management concepts

Benefits

Flexible vacation policy; time is not limited, allocated, or accrued
16 paid holidays throughout the year
Generous parental leave and new parent transition program
Tuition reimbursement
Corporate gift matching program

Company

Publicis Sapient

Publicis Sapient is a digital consulting firm that offers consulting, technology, and product management services. It is a sub-organization of Publicis Sapient.

H1B Sponsorship

Publicis Sapient has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (90)
2024 (90)
2023 (85)
2022 (153)
2021 (235)
2020 (231)

Funding

Current Stage
Late Stage

Leadership Team

Nigel Vaz
CEO
Nathalie Le Bos
Chief Financial Officer
Company data provided by Crunchbase