IAM Architect - SailPoint and Okta jobs in United States

Fulcrum Technology Solutions · 6 hours ago

IAM Architect - SailPoint and Okta

Fulcrum Technology Solutions is seeking an experienced Senior Identity Management Architect to lead their Identity and Access Management (IAM) practice. The successful candidate will provide strategic direction and hands-on technical leadership for enterprise IAM implementations, focusing on secure identity governance solutions for healthcare organizations.

Consulting · Information Technology · IT Infrastructure · Security

Responsibilities

Develop comprehensive, long-term IAM strategies aligned with business objectives and security requirements
Design secure, scalable identity architectures
Create architectural roadmaps for modernizing legacy IAM infrastructure while maintaining compliance and operational continuity
Define future-state architectures incorporating Zero Trust principles and defense-in-depth strategies
Lead digital transformation initiatives related to identity and access management
Architect enterprise-scale identity governance and administration solutions using SailPoint IdentityIQ/IdentityNow
Lead Okta implementations including SSO, MFA, lifecycle management, and API access management
Design comprehensive solutions for identity lifecycle management across joiner-mover-leaver processes, provisioning, and de-provisioning
Architect directory services strategies integrating Active Directory, Azure AD, LDAP, and cloud directories
Develop integration frameworks connecting IAM platforms with EHR systems (Epic, Cerner), HR systems, clinical applications, and third-party services
Design privileged access management (PAM) architectures using tools like CyberArk and Entra Privileged Identity Management (PIM)
Create federated identity solutions enabling secure partner access
Define and enforce organizational standards for authentication protocols including SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and SCIM
Establish best practices for modern authentication methods including passwordless, phishing-resistant MFA, and adaptive authentication
Evaluate and recommend IAM technologies, platforms, and tools to meet evolving security requirements
Lead proof-of-concept initiatives for emerging identity technologies
Provide technical guidance on API security, token management, and session handling
Implement robust role-based access control (RBAC) frameworks and attribute-based access control (ABAC) where appropriate
Design and oversee entitlement reviews and access certification processes to ensure least privilege access
Establish segregation of duties (SoD) controls to prevent conflicts of interest and fraud
Develop attestation workflows and remediation processes for access violations
Create governance policies for role design, entitlement management, and access request workflows
Ensure IAM architectures and implementations meet stringent regulatory requirements including HIPAA, GDPR, SOX, PCI-DSS, and HITRUST
Drive Zero Trust architecture principles across identity, network, and data security domains
Conduct security assessments and risk analyses of identity infrastructure
Implement security controls for protecting Protected Health Information (PHI) and personally identifiable information (PII)
Design audit logging and monitoring capabilities to support compliance reporting and security investigations
Partner with security, compliance, and privacy teams to align IAM practices with organizational risk frameworks
Demonstrate deep expertise in SAML for enterprise federation and single sign-on
Architect OAuth 2.0 and OpenID Connect flows for API security and modern application authentication
Implement SCIM (System for Cross-domain Identity Management) for automated user provisioning
Design token lifecycle management, refresh token rotation, and secure credential storage
Configure claims-based authentication and authorization models
Develop custom connectors, workflows, and automation scripts for IAM platforms using Java, BeanShell, PowerShell, and Python
Create API integrations and middleware solutions to connect IAM platforms with enterprise applications
Build automation scripts for identity lifecycle management, provisioning, and de-provisioning workflows
Develop custom reports, dashboards, and compliance analytics using scripting and query languages
Write and maintain technical documentation for custom integrations, scripts, and configurations
Implement CI/CD pipelines and DevOps practices for IAM deployments and configuration management
Serve as trusted advisor to healthcare executives, CISOs, and IT leadership on IAM strategy and governance
Lead requirements gathering workshops and translate clinical and operational needs into technical solutions
Present architectural designs and recommendations to client stakeholders including privacy officers and compliance teams
Provide thought leadership on identity security trends in healthcare including patient identity management and interoperability
Lead and mentor a team of IAM architects and engineers
Establish technical standards, best practices, and implementation methodologies for the IAM practice
Conduct performance reviews, provide career development guidance, and foster a collaborative team environment
Allocate resources and manage workload distribution across multiple client engagements
Drive knowledge sharing and continuous learning within the team

Qualification

SailPoint IdentityIQ · Okta · Identity protocols · RBAC frameworks · Zero Trust architecture · Privileged Access Management · Healthcare IT experience · API security · Compliance reporting · Client engagement · Communication · Team leadership · Technical documentation

Required

Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent experience)
10+ years of experience in identity and access management
5+ years of experience working with healthcare organizations and understanding of healthcare IT environments is a plus
5+ years of hands-on experience with SailPoint IdentityIQ or IdentityNow, including: application onboarding and connector development; workflow configuration and lifecycle management; access certifications and policy enforcement; role mining, role engineering, and entitlement management; compliance reporting and audit support
3+ years of hands-on experience with Okta, including: Single Sign-On (SSO) and federation protocols (SAML, OIDC, OAuth); Universal Directory and lifecycle management; Okta API and automation; integration with cloud and on-premises applications; MFA and adaptive authentication policies
3+ years of experience leading technical teams (5+ members)
Expert-level understanding of identity protocols: SAML, OAuth 2.0, OpenID Connect (OIDC), SCIM
Deep knowledge of HIPAA requirements related to access controls, audit logging, and PHI protection
Experience designing and implementing RBAC frameworks and segregation of duties controls
Understanding of Zero Trust architecture and implementation strategies
Experience with privileged access management (PAM) solutions such as CyberArk or Entra PIM
Familiarity with healthcare applications and EHR systems (Epic, Cerner, Meditech)
Excellent communication skills with ability to articulate complex technical and compliance concepts to diverse audiences
Experience working in consulting or professional services environments

Preferred

SailPoint IdentityIQ Engineer or Architect certification
Okta Certified Professional or Okta Certified Consultant
CISSP, CISM, CISA, or related security certifications
Certified Information Privacy Professional (CIPP) or Healthcare privacy certifications
HITRUST CSF Practitioner certification
Experience with additional IAM platforms (Saviynt, ForgeRock, Microsoft Identity Manager)
Hands-on experience with CyberArk PAM Suite or Entra PIM
Experience with cloud platforms (Azure, AWS, GCP) and their native IAM capabilities
Background in application development or scripting (Java, PowerShell, Python, BeanShell, JavaScript)
Knowledge of Workday, ServiceNow, or other enterprise platforms common in healthcare

Benefits

Comprehensive benefits including health, dental, and vision insurance
401(k) with company match
Professional development budget for certifications and training
Flexible work arrangements
Opportunity to shape the direction of a growing IAM practice focused on healthcare
Collaborative culture with exposure to leading healthcare systems and organizations
Meaningful work protecting patient privacy and improving healthcare security

Company

Fulcrum Technology Solutions

Fulcrum Technology Solutions specializes in technology consulting, data networking, managed infrastructure, security and support services.

Funding

Current Stage
Growth Stage

Leadership Team

Robin Smith
President
Company data provided by crunchbase