SATWIC
IAM Solution Architect
SATWIC, Los Angeles, California, United States, 90079
The IAM Solution Architect is responsible for:
• Architecture Planning for Azure Active Directory and Active Directory hybrid environment.
• Creating and implementing an architectural design that caters to the Identity & Access needs and aligns with the business objectives of secure design, lifecycle, and operations.
• Acting as the in-house expert on various IAM disciplines, including but not limited to Identity, Single Sign-On, Federation, Multifactor Authentication, Privileged Access Management, Directory Services, Role-based Governance & Administration, API Security, Key and Token Lifecycle, Identity Risk, and Identity Threat Modeling.
• Developing solutions for integrating third-party and cloud applications using a range of federation protocols. Establish lifecycle controls and processes in the design for managing the identity and access of customers, partners, and B2B/C entities. Craft comprehensive user provisioning and de-provisioning processes that align with the regulatory and industry requirements for account termination.
• Assisting in developing a systematic approach to incorporate secure hygiene practices into Enterprise business solutions.
• Designing and implementing Customer Identity and Access Management (CIAM) solutions that can manage high transaction volumes and accommodate a large user base, focusing on scalability and performance.
The duties to be performed by the IAM Solution Architect will include:
• Executing, strategizing, and maintaining the migration and integration of SecureAuth and Azure Active Directory.
• Designing and implementing RBAC models to assign permissions based on users' roles and responsibilities.
• Proficient in implementing and managing identity federation protocols such as Security Assertion Markup Language (SAML) and OpenID Connect with OAuth 2.0, facilitating Single Sign-On (SSO) across various platforms.
• Creating innovative tools and procedures to optimize the utilization of Active Directory and Azure Active Directory.
• Retrofitting SecureAuth to support existing authentication patterns for applications, while modernizing web services with OAuth/SAML patterns.
Required Skillsets:
• Preference will be given to individuals who have experience in delivering secure IAM solutions within Law Enforcement.
• Familiarity with Active Directory Federation Services (ADFS), SAML, web Single Sign-On (SSO), OAuth, and related technologies is required.
• Knowledge of Active Directory Schema is needed, particularly the ability to comprehend and manage the AD schema, including understanding the implications of extending or modifying user object classes and attributes.
• Implementing streamlined, user-friendly processes for account creation to enhance the customer experience.
• Deploying enhanced Multi-factor Authentication (MFA), including SMS-based codes, email verification, push notifications through the OATH protocol, or biometric authentication.
Additional qualifications include:
• Possess substantial expertise in working with MS SQL Server, including the creation of stored procedures and complex SQL queries.
• Capable of constructing and configuring new databases, defining filegroups, setting file paths, and selecting database options.
• Proficient in configuring and managing various authentication modes, particularly between Windows authentication and SQL Server authentication.
• Experienced in writing and executing queries for data retrieval, manipulation, and analysis.