3,097 Identity And Access Management Architect jobs in the United States
Identity Access Management Architect
Posted 4 days ago
Job Description
PENNYMAC
Pennymac (NYSE: PFSI) is a specialty financial services firm with a comprehensive mortgage platform and integrated business focused on the production and servicing of U.S. mortgage loans and the management of investments related to the U.S. mortgage market.
At Pennymac, our people are the foundation of our success and at the heart of our dynamic work culture. Together, we work towards a unified goal of helping millions of Americans achieve aspirations of homeownership through the complete mortgage journey.
A Typical Day
As an Identity Access Management Architect, you will be the principal owner and strategic visionary for our enterprise-wide Identity and Access Management (IAM) ecosystem. This is a critical leadership role responsible for designing, building, and maintaining the architectural foundation that secures our corporate data and enables our global workforce. You will architect a modern, scalable, and resilient identity fabric, leveraging industry-leading platforms like Active Directory, Secret Double Octopus, OneLogin, Okta (Auth0) and Microsoft Entra ID to support our zero-trust security model and drive business agility.
You will oversee all company identity platforms, provide architectural guidance and best practices, design and lead the implementation of platform enhancements, and continuously identify areas for improvement, increased security and resiliency, and operational efficiencies.
Key Responsibilities
Strategic Architecture & Platform Oversight:
- Provide high-level oversight of all company identity platforms, including Active Directory, Okta (Auth0), Entra ID, OneLogin, Secret Double Octopus, and Google Workspace.
- Design, own, and evolve the enterprise identity architecture and strategic roadmap, encompassing Workforce and Customer IAM (CIAM).
- Develop and maintain high-level and low-level design documents, standards, and patterns for our core identity platforms.
- Design robust identity patterns for internal application development and off the shelf applications.
Implementation & Technical Leadership:
- Lead the architectural design of complex federation patterns using Multi-factor Authentication, SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC) to securely integrate a diverse portfolio of SaaS, cloud applications, and internal applications.
- Drive and oversee platform improvements, including IDP consolidation (e.g., OneLogin -> SDO) and cleanup of existing identity providers.
- Serve as the senior technical expert on projects involving identity, authentication, and authorization.
- Provide expert-level troubleshooting for the most complex identity-related issues.
Governance, Security & Continuous Improvement:
- Partner with the InfoSec team to define and enforce IAM policies, controls, and best practices aligned with a zero-trust framework.
- Maintain a strong awareness of security issues and considerations around identity platforms and lead efforts to mitigate and remediate risks.
- Lead Active Directory management and cleanup initiatives, including modernization, de-nesting groups, identifying risky service accounts, and performing remediation of over-privileged accounts and SPNs.
- Ensure all identity solutions meet stringent security requirements and comply with regulatory standards (e.g., SOX, GDPR, CCPA).
Collaboration & Mentorship:
- Collaborate closely with application owners, infrastructure engineers, Infosec, and business stakeholders to translate requirements into secure and scalable identity solutions.
- Mentor and guide senior engineers, fostering technical excellence and professional growth.
- Clearly articulate and present complex architectural concepts to technical and non-technical audiences, including executive leadership.
What You’ll Bring
Required Qualifications
- 5+ years in a senior role focused specifically on Identity and Access Management.
- 5+ years of deep, hands-on experience with Microsoft Active Directory architecture and management.
- 3+ years of hands-on experience with SAML IDP/Brokers (e.g., ADFS, Okta, Entra ID, OneLogin).
- Expert-level architectural experience with Okta, Active Directory/Entra ID, and Okta (Auth0).
- Proven experience designing and implementing complex identity federation solutions using SAML 2.0, OAuth 2.0, and OIDC.
- Experience integrating identity services with enterprise SaaS applications, cloud-native services, and legacy systems.
- Ability to conceptualize, design, and implement identity models across systems, ensuring least-privileged RBAC, strong naming conventions, and rich identity metadata.
- Proficiency in PowerShell or other scripting/automation languages.
- Experience architecting identity solutions for major cloud platforms (AWS, GCP).
- Familiarity with JIRA, ServiceNow, or other ITSM systems.
Preferred Qualifications
- Relevant industry certifications, such as Okta Certified Technical Architect, Microsoft Certified: Identity and Access Administrator Associate/Expert, or CISSP.
- Knowledge of Infrastructure as Code (IaC) principles and tools (e.g., Terraform) as they apply to IAM.
- Experience with adjacent security domains, such as Privileged Access Management (PAM) and Identity Governance & Administration (IGA) platforms.
Why You Should Join
As one of the top mortgage lenders in the country, Pennymac has helped over 4 million lifetime homeowners achieve and sustain their aspirations of home. Our vision is to be the most trusted partner for home. Together, 4,000 Pennymac team members across the country are guided by our core values: to be Accountable, Reliable and Ethical in all that we do. Pennymac is committed to conducting a business that makes positive contributions and promotes long-term sustainable growth and to fostering an equitable and inclusive environment, where all employees and customers feel valued, respected and supported.
Benefits That Bring It Home: Whether you're looking for flexible benefits for today, setting up short-term goals for tomorrow, or planning for long-term success and retirement, Pennymac's benefits have you covered. Some key benefits include:
- Comprehensive Medical, Dental, and Vision
- Paid Time Off Programs including vacation, holidays, illness, and parental leave
- Wellness Programs, Employee Recognition Programs, and onsite gyms and cafe style dining (select locations)
- Retirement benefits, life insurance, 401k match, and tuition reimbursement
- Philanthropy Programs including matching gifts, volunteer grants, charitable grants and corporate sponsorships
To learn more about our benefits visit:
For residents with state required benefit information, additional information can be found at:
Compensation: Individual salary may vary based on multiple factors including specific role, geographic location / market data, and skills and experience as defined below:
- Lower in range - Building skills and experience in the role
- Mid-range - Experience and skills align with proficiency in the role
- Higher in range - Experience and skills add value above typical requirements of the role
Some roles may be eligible for performance-based compensation and/or stock-based incentives awarded to employees based on company and individual performance.
Salary
$140,000 - $175,000
Work Model
OFFICE
Lead Identity Access Management Architect
Posted 7 days ago
Job Description
CLA is a top 10 national professional services firm where our purpose is to create opportunities every day, for our clients, our people, and our communities through industry-focused wealth advisory, digital, audit, tax, consulting, and outsourcing services. Even with more than 8,500 people, 130 U.S. locations, and a global reach, we promise to know you and help you.
CLA is dedicated to building a culture that invites different beliefs and perspectives to the table, so we can truly know and help our clients, communities, and each other.
Our Perks:
- Flexible PTO (designed to offer flexible time away for you!)
- Up to 12 weeks paid parental leave
- Paid Volunteer Time Off
- Mental health coverage
- Quarterly Wellness stipend
- Fertility benefits
- Complete list of benefits here
CLA is growing and seeking to hire an experienced Lead Identity & Access Management (IAM) Architect to join our talented Information Technology team. The position offers growth, flexibility and a collaborative work environment.
The Lead Identity & Access Management (IAM) Architect will be responsible for designing, implementing, and managing enterprise identity solutions. This role ensures and drives secure, scalable, and efficient identity and access management (IAM) across cloud and on-premises environments.
How you'll create opportunities in this Lead Identity & Access Management (IAM) Architect position:
Architecture & Design:
- Lead the design and implementation of identity solutions including hybrid identity with on-premise Active Directory.
- Architect secure authentication and authorization processes.
- Oversee design and implementation of Conditional Access, MFA, and Identity Protection policies.
Integration & Implementation:
- Integrate third-party and internal applications for Single Sign-On (SSO).
- Configure and manage directory synchronization and password hash synchronization.
- Lead CIAM (Customer Identity and Access Management) implementations.
Governance & Security:
- Deploy and manage privileged access accounts.
- Implement Identity Governance policies including access reviews, entitlement management, and lifecycle workflows.
Migration & Modernization:
- Lead migration projects from legacy IAM systems.
- Support application onboarding and modernization efforts.
Provide technical mentorship and leadership to junior team members.
What you will need:
- Bachelor's degree is required. Combination of relevant experience, education, and training may be accepted in lieu of degree.
- 6 years relevant IT experience is required
- Hands on experience with IAM technologies and frameworks
Technical Competencies
- Proficiency with Microsoft Entra ID, Active Directory, and IAM best practices.
- Experience with DevOps tools (Terraform) and scripting (PowerShell, Bash, etc.).
- Experience with Identity Governance tools (e.g., SailPoint)
Travel Requirements
This position requires <10% travel.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
Wellness at CLA
To support our CLA family members, we focus on their physical, financial, social, and emotional well-being and offer comprehensive benefit options that include health, dental, vision, 401k and much more.
To view a complete list of benefits click here.
Principal Identity & Access Management Architect
Posted 9 days ago
Job Description
We are Generac, a leading energy technology company committed to powering a smarter world.
Over the 60 plus years of Generac's history, we've been dedicated to energy innovation. From creating the home standby generator market category, to our current evolution into an energy technology solutions company, we continue to push new boundaries.
The Identity & Access Management (IAM) Principal Architect leads the strategic design and implementation of our enterprise identity solutions, drives the consolidation of fragmented Identity Providers (IdPs) into Microsoft Entra ID, ensuring a unified, secure, and scalable identity framework aligned with Zero Trust principles. Focuses on rightsizing authentication and authorization processes to enhance security while optimizing user access and experience.
A key responsibility is architecting and supporting the migration to a Single Identity model across the company's Customer Identity and Access Management (CIAM) platforms, empowering our Digital Business Office and delivering a seamless, secure, and unified digital identity experience. The IAM Principal Architect ensures compliance with industry standards such as NIST, ISO 27001, and other relevant security frameworks.
Works closely with security teams, IT leadership, business stakeholders, and external vendors to design and implement scalable IAM solutions that align with organizational goals and regulatory requirements.
Major Responsibilities
Strategy & Architecture
- Define and execute the enterprise IAM strategy, including consolidating fragmented Identity Providers (IdPs) into Microsoft Entra ID.
- Architect and implement a unified identity framework that supports Zero Trust principles, ensuring secure and scalable authentication and authorization.
- Develop IAM roadmaps, policies, and governance models aligned with business objectives, security best practices, and regulatory compliance.
- Drive the adoption of cloud identity security solutions, ensuring seamless integration with hybrid and multi-cloud environments.
Implementation & Operations
- Lead the design, deployment, and management of IAM solutions, including Entra ID, Okta, Auth0, Active Directory, and Privileged Access Management (PAM) platforms.
- Support the migration to a Single Identity framework within Customer Identity and Access Management (CIAM) platforms to enhance digital transformation and user experience.
- Implement IAM automation, AI-driven identity governance, and self-service capabilities to streamline identity lifecycle management.
- Develop and enhance federated identity solutions, adaptive authentication, and multi-factor authentication (MFA) strategies.
Security & Compliance
- Ensure IAM security policies and solutions comply with industry standards such as NIST, ISO 27001, SOC 2, GDPR, and other required frameworks.
- Implement role-based access control (RBAC), least privilege access (LPA), just-in-time (JIT) access, and adaptive authentication strategies.
- Enhance privileged access security through PAM solutions, reducing attack surfaces and securing access to critical infrastructure.
- Integrate identity threat detection and response (ITDR) capabilities to protect against compromised credentials and insider threats.
Collaboration & Leadership
- Partner with security, IT, and business teams to align IAM initiatives with organizational goals and risk management strategies.
- Provide technical leadership, mentorship, and guidance to IAM teams and stakeholders.
- Engage with external vendors, industry leaders, and security communities to stay ahead of emerging IAM threats and best practices.
- Drive continuous improvement and innovation in IAM processes, ensuring the adoption of next-gen identity security solutions.
Minimum Job Requirements
Education
- Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.
Work Experience
- 6+ years of experience in Identity and Access Management, or in Cybersecurity with heavy emphasis in IAM processes and/or controls.
Knowledge / Skills / Abilities
- Deep expertise in Identity & Access Management (IAM) architecture, Zero Trust principles, and identity governance frameworks.
- Strong understanding of authentication and authorization mechanisms, including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Adaptive Authentication, and Passwordless Authentication.
- Hands-on experience with Microsoft Entra ID (Azure AD), Okta, Active Directory, Auth0, and Privileged Access Management (PAM) solutions.
- Knowledge of Identity Governance and Administration (IGA), including role-based access control (RBAC), attribute-based access control (ABAC), and Just-in-Time (JIT) access.
- Expertise in IAM automation and AI-driven identity analytics, including identity lifecycle management and self-service capabilities.
- Familiarity with federated identity standards (SAML, OAuth, OpenID Connect) and their implementation in cloud and hybrid environments.
- Experience securing identities across cloud platforms (AWS, Azure, Google Cloud), including cloud-native IAM services and API security.
- Strong understanding of compliance and regulatory frameworks, such as NIST, ISO 27001, SOC 2, GDPR, and CCPA, as they pertain to IAM.
- Experience in identity threat detection and response (ITDR), insider risk management, and identity-based attack prevention.
- Excellent problem-solving, analytical, and leadership skills, with the ability to collaborate across security, IT, and business teams to implement scalable IAM solutions.
Preferred Job Requirements
Education
- Master's degree in Cybersecurity or a related field.
Certification / License
- CISA/CISM/CISSP or equivalent
Physical Demands: While performing the duties of this job, the employee is regularly required to talk and hear; and use hands to manipulate objects or controls. The employee is regularly required to stand and walk. On occasion the incumbent may be required to stoop, bend or reach above the shoulders. The employee must occasionally lift up to 25 - 50 pounds. Specific conditions of this job are typical of frequent and continuous computer-based work requiring periods of sitting, close vision and ability to adjust focus. Occasional travel.
"We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law."
As one of the leaders and largest suppliers of power generation equipment and technology, the work we do touches millions of lives. Employees at Generac are encouraged to be innovative and are valued as an integral part of our global team. Our challenging goals develop knowledgeable employees dedicated to helping continue Generac's success. Generac provides individuals the opportunity to work in a fast-paced agile work environment where their work makes a difference in people's lives and their own.
Principal Identity & Access Management Architect

Posted 26 days ago
Job Description
Over the 60 plus years of Generac's history, we've been dedicated to energy innovation. From creating the home standby generator market category, to our current evolution into an energy technology solutions company, we continue to push new boundaries.
The Identity & Access Management (IAM) Principal Architect leads the strategic design and implementation of our enterprise identity solutions, drives the consolidation of fragmented Identity Providers (IdPs) into Microsoft Entra ID, ensuring a unified, secure, and scalable identity framework aligned with Zero Trust principles. Focuses on rightsizing authentication and authorization processes to enhance security while optimizing user access and experience.
A key responsibility is architecting and supporting the migration to a Single Identity model across the company's Customer Identity and Access Management (CIAM) platforms, empowering our Digital Business Office and delivering a seamless, secure, and unified digital identity experience. The IAM Principal Architect ensures compliance with industry standards such as NIST, ISO 27001, and other relevant security frameworks.
Works closely with security teams, IT leadership, business stakeholders, and external vendors to design and implement scalable IAM solutions that align with organizational goals and regulatory requirements.
**Major Responsibilities**
**Strategy & Architecture**
+ Define and execute the enterprise IAM strategy, including consolidating fragmented Identity Providers (IdPs) into Microsoft Entra ID.
+ Architect and implement a unified identity framework that supports Zero Trust principles, ensuring secure and scalable authentication and authorization.
+ Develop IAM roadmaps, policies, and governance models aligned with business objectives, security best practices, and regulatory compliance.
+ Drive the adoption of cloud identity security solutions, ensuring seamless integration with hybrid and multi-cloud environments.
**Implementation & Operations**
+ Lead the design, deployment, and management of IAM solutions, including Entra ID, Okta, Auth0, Active Directory, and Privileged Access Management (PAM) platforms.
+ Support the migration to a Single Identity framework within Customer Identity and Access Management (CIAM) platforms to enhance digital transformation and user experience.
+ Implement IAM automation, AI-driven identity governance, and self-service capabilities to streamline identity lifecycle management.
+ Develop and enhance federated identity solutions, adaptive authentication, and multi-factor authentication (MFA) strategies.
**Security & Compliance**
+ Ensure IAM security policies and solutions comply with industry standards such as NIST, ISO 27001, SOC 2, GDPR, and other required frameworks.
+ Implement role-based access control (RBAC), least privilege access (LPA), just-in-time (JIT) access, and adaptive authentication strategies.
+ Enhance privileged access security through PAM solutions, reducing attack surfaces and securing access to critical infrastructure.
+ Integrate identity threat detection and response (ITDR) capabilities to protect against compromised credentials and insider threats.
**Collaboration & Leadership**
+ Partner with security, IT, and business teams to align IAM initiatives with organizational goals and risk management strategies.
+ Provide technical leadership, mentorship, and guidance to IAM teams and stakeholders.
+ Engage with external vendors, industry leaders, and security communities to stay ahead of emerging IAM threats and best practices.
+ Drive continuous improvement and innovation in IAM processes, ensuring the adoption of next-gen identity security solutions.
**Minimum Job Requirements**
**Education**
+ Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.
**Work Experience**
+ 6+ years of experience in Identity and Access Management, or in Cybersecurity with heavy emphasis in IAM processes and/or controls.
**Knowledge / Skills / Abilities**
+ Deep expertise in Identity & Access Management (IAM) architecture, Zero Trust principles, and identity governance frameworks.
+ Strong understanding of authentication and authorization mechanisms, including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Adaptive Authentication, and Passwordless Authentication.
+ Hands-on experience with Microsoft Entra ID (Azure AD), Okta, Active Directory, Auth0, and Privileged Access Management (PAM) solutions.
+ Knowledge of Identity Governance and Administration (IGA), including role-based access control (RBAC), attribute-based access control (ABAC), and Just-in-Time (JIT) access.
+ Expertise in IAM automation and AI-driven identity analytics, including identity lifecycle management and self-service capabilities.
+ Familiarity with federated identity standards (SAML, OAuth, OpenID Connect) and their implementation in cloud and hybrid environments.
+ Experience securing identities across cloud platforms (AWS, Azure, Google Cloud), including cloud-native IAM services and API security.
+ Strong understanding of compliance and regulatory frameworks, such as NIST, ISO 27001, SOC 2, GDPR, and CCPA, as they pertain to IAM.
+ Experience in identity threat detection and response (ITDR), insider risk management, and identity-based attack prevention.
+ Excellent problem-solving, analytical, and leadership skills, with the ability to collaborate across security, IT, and business teams to implement scalable IAM solutions.
**Preferred Job Requirements**
**Education**
+ Master's degree in Cybersecurity or a related field.
**Certification / License**
+ CISA/CISM/CISSP or equivalent
**Physical Demands**: While performing the duties of this job, the employee is regularly required to talk and hear; and use hands to manipulate objects or controls. The employee is regularly required to stand and walk. On occasion the incumbent may be required to stoop, bend or reach above the shoulders. The employee must occasionally lift up to 25 - 50 pounds. Specific conditions of this job are typical of frequent and continuous computer-based work requiring periods of sitting, close vision and ability to adjust focus. Occasional travel.
_"We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law."_
As one of the leaders and largest suppliers of power generation equipment and technology, the work we do touches millions of lives. Employees at Generac are encouraged to be innovative and are valued as an integral part of our global team. Our challenging goals develop knowledgeable employees dedicated to helping continue Generac's success. Generac provides individuals the opportunity to work in a fast-paced agile work environment where their work makes a difference in people's lives and their own.
Identity Access Management (IAM) Architect
Posted 21 days ago
Job Description
Casella Waste Systems, Inc. seeks a highly skilled and proactive Identity Access Management (IAM) Engineer to join our growing Information Security team. This role plays a vital part in enhancing our organization's security posture by overseeing the full identity lifecycle—managing user credentials, access rights, and entitlements across enterprise applications and infrastructure. Working collaboratively with business stakeholders, HR, IT, and compliance teams, the IAM Engineer is expected to architect, implement, and continually optimize IAM processes in alignment with business needs, compliance frameworks, and security best practices. This high-impact role requires a strong technical foundation, analytical mindset, and commitment to maintaining security controls that support organizational integrity, regulatory compliance, and operational efficiency.
Hiring Range $115-145K depending on experience
Key Responsibilities
- Drives the execution and continuous improvement of Identity and Access Management (IAM) controls technology. This includes, but isn't limited to, administration, configuration of IAM/SSO technology, designing and implementing access provisioning and de-provisioning workflows, enabling thorough entitlement reviews and access recertification, implementing and optimizing role-based authorization, ensuring segregation of duties based on business rules, and enabling robust computer user account management.
- Partners closely with Human Resources to maintain precise access and authorization controls, ensuring alignment with employee lifecycle events.
- Proactively identifies and resolves gaps within business processes related to IAM. This often involves configuration of IAM/SSO technology, analyzing security and authorization setups, contributing to user documentation, assisting with data interface design, and overseeing data migration and reconciliation efforts.
- Regularly interacts with end-users, managers, IT and data custodians to ensure IAM/SSO controls are properly configured and comply with access controls and audit procedures.
- Provides expert operational support and guidance for critical authentication and authorization services, such as Multi-Factor Authentication (MFA), Active Directory, and Identity Management (IdM) platforms.
- Responds to and troubleshoots IAM-related incidents, ensuring timely resolution and minimal disruption to operations.
- Collaborates with various stakeholders, including internal audit/risk management, third-party vendors, and internal IT departments, to identify, document, and support the remediation of information security and operational issues impacting Casella's IAM systems.
- Ensures all IAM activities and solutions adhere to internal security policies, industry best practices, and relevant regulatory compliance requirements (e.g., SOX, HIPAA, GDPR, etc.).
- Provides input and support for the design and implementation of secure IAM architectures and solutions.
- Trains other security staff and maintains documentation for IAM processes and configurations.
- Participates in training and other learning opportunities to expand knowledge of the company, products, sales, and services and performs any other duties needed to help drive our vision, fulfill our mission, and/or abide by our core values.
- Ensures compliance with all company, state, and federal policies, regulations, and laws regarding employment and employee safety.
A Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field is required, although equivalent education and experience may also be considered. The ideal candidate will have over three years of experience in Identity and Access Management (IAM) or IT security, with hands-on expertise in SailPoint IdentityNow and Microsoft Entra (formerly Azure AD). Proficiency in scripting languages such as PowerShell, JavaScript, and TypeScript is essential, along with experience working with REST/SOAP APIs and JSON. A solid understanding of Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), compliance frameworks like SOX, HIPAA, and GDPR, as well as Governance, Risk, and Compliance (GRC) practices, is also important. Strong troubleshooting and analytical skills are required. Preferred certifications include Microsoft Certified: Identity and Access Administrator, SailPoint IdentityNow Professional, CISSP, and CIAM.
Attributes
Excellent communicator with outstanding critical thinking and decision-making skills who is adept at navigating nuances of leading a team of technical and non-technical company professionals in creating cyber architecture while building and maintaining key stakeholder relationships, developing trust, encouraging continuous learning, and achieving business results.
Benefits
Medical, Dental, Vision, Life & Disability Insurance, Maternity & Parental Leave, Flexible Spending Accounts, Discounted Stock Program, 401K, Boot & Clothing Allowance, Safety Awards, Employee Assistance Plan, Wellness Incentive, Tuition Assistance, Career Pathways, and More.
Benefits & Rewards
Want easy-to-use, rewarding benefits? Well, we’ve got those! Our employee rewards program is designed to help you in your career, and in your life outside of Casella. From competitive wages to comprehensive medical plans to employee stock purchase and retirement savings options, learn about all the ways we reward you.
EEO
Casella Waste Systems, Inc. is an equal opportunity employer. We are committed to creating an environment of inclusion and mutual respect where opportunities are available to all applicants and team members without regard to race, religion, color, national origin, gender, gender identity or expression, sexual orientation, genetic information, military and veteran status, status as individual with a disability, or any other characteristic protected by federal or state laws. We believe that diversity and inclusion among our team members is critical to our success as a company and we seek to recruit, develop, and retain the most talented people.
Join our Talent Community!
Join our Talent Community to receive updates on new opportunities and future events.
Job Locations US-VT-Rutland
Job ID 2025-7443
Category Information Technology
Type Regular Full-Time
Identity and Access Management Architect
Posted 8 days ago
Job Description
Job summary
Responsible for the design, development, and implementation of secure, scalable Identity and Access Management (IAM) systems and processes that govern user identities, roles, access permissions, and authentication mechanisms. This role ensures alignment with organizational policies, regulatory requirements, and industry best practices, and collaborates closely with technology, cybersecurity, and business stakeholders to manage identity lifecycles, enforce access controls, streamline authentication and authorization, and maintain robust identity governance. Core responsibilities include designing and supporting IAM tools and platforms, contributing to enterprise security initiatives such as single sign-on (SSO), multifactor authentication (MFA), role-based access control (RBAC), privileged access management (PAM), Active Directory (AD), certificate services, and identity governance.
This posting closes on September 10 at 5:00 pm MT.
Work environment and schedule
This position works a typical Monday through Friday schedule in a general office environment and may be eligible for hybrid workdays. The successful candidate should reside within a commutable distance. Performing this work requires occasional physical effort to lift and carry light objects and is primarily sedentary; minimal walking or standing is required on an as-needed basis.
Essential duties and responsibilities
- Design, develop, and maintain enterprise-wide IAM architectures, frameworks, and solutions to manage user identities, authentication, authorization, access permissions, and governance.
- Implement and optimize IAM technologies, including Okta as the primary identity platform, along with SSO, MFA, PAM, RBAC, AD, and certificate services.
- Define and enforce IAM policies, standards, and procedures in alignment with cybersecurity frameworks, regulatory requirements, and industry best practices.
- Architect and oversee the integration of digital certificates and Public Key Infrastructure (PKI) solutions into enterprise authentication systems, including issuance, renewal, revocation, and secure communications.
- Develop and maintain identity governance processes, including access certifications, access reviews, entitlement management, and enforcement of least-privilege policies.
- Administer IAM platforms, ensuring high availability, performance, scalability, and compliance with security and operational standards, including patching and configuration management.
- Integrate IAM systems with enterprise applications, third-party platforms, and hybrid cloud environments to streamline authentication and authorization.
- Design, develop, implement, and regularly test disaster recovery and redundancy plans for IAM systems to ensure cybersecurity resilience and secure business continuity.
- Maintain comprehensive documentation of IAM configurations, architectures, processes, disaster recovery plans, and incident response activities.
- Lead troubleshooting and resolution of IAM-related incidents and technical issues, including authentication, authorization, provisioning, and directory service problems.
- Implement and maintain security best practices, including least privilege, separation of duties, and secure credential management.
- Participate in cross-functional security initiatives, working groups, or committees as needed to advance the organization's cybersecurity posture.
- Provide subject matter expertise during system design reviews, major application upgrades, and technology initiatives to ensure IAM and identity governance considerations are incorporated.
- Stay current on emerging IAM and IGA technologies, cybersecurity threats, and regulatory developments, and recommend adjustments to organizational strategies as appropriate.
- Support incident response efforts by providing expertise related to identity and access impacts during cybersecurity events.
- Perform other duties and special projects as assigned to support the cyber and information security department's objectives.
- Extensive knowledge of identity and access management (IAM) principles, identity governance (IGA), frameworks, technologies, and standards (e.g., Okta, SSO, MFA, RBAC, PAM, SCIM, SAML, OAuth, OpenID Connect).
- Strong understanding of identity lifecycle management, directory services (e.g., Active Directory, Azure AD), authentication/authorization models, and entitlement management.
- Expertise in designing and integrating digital certificate services and PKI solutions into enterprise environments.
- Strong knowledge of cybersecurity principles, least privilege models, zero trust architectures, and regulatory compliance requirements (e.g., NERC CIP, SOX, HIPAA, Colorado Privacy Act).
- Ability to develop, deploy, and maintain automation scripts and tools to improve IAM and governance operations.
- Skilled in troubleshooting complex IAM and governance issues, conducting root cause analyses, and implementing corrective actions.
- Ability to design and maintain disaster recovery and business continuity plans for IAM systems.
- Excellent written and verbal communication skills, with the ability to translate complex technical concepts into clear, actionable guidance.
- Strong collaboration skills with cross-functional teams, cybersecurity peers, business stakeholders, and technology leadership.
- Commitment to continuous learning in identity, governance, security, and regulatory developments.
- Bachelor's degree in computer science, information security, information systems, or a related technical field; relevant experience may be substituted for education.
- One of the following certifications related to cybersecurity or identity and access management (or ability to obtain within one year of hire):
- Certified Information Systems Security Professional (CISSP)
- Certified Identity and Access Manager (CIAM)
- Certified Information Security Manager (CISM)
- Experience:
- 8 years of progressive responsibility in IAM, cybersecurity architecture, or enterprise security engineering.
- 5 years direct architecting, implementing, and supporting IAM systems with a primary focus on Okta or similar cloud-based identity platforms.
- Designing and integrating IAM and IGA solutions across hybrid environments (on-premises and cloud platforms such as Azure and AWS).
- Implementing identity lifecycle management, access provisioning/deprovisioning, privileged access management (PAM), and federated authentication.
- Supporting audit, compliance, and regulatory reporting related to identity governance and access management such as NERC CIP, SOX, HIPAA, Colorado Privacy Act.
- Valid driver's license.
- Master's degree in cybersecurity, information technology, or a related field preferred.
- Okta certification (e.g., Okta Certified Professional or Okta Certified Administrator).
- Additional certifications related to identity platforms, privileged access management, or cloud security (e.g., CyberArk Defender, Microsoft Certified: Identity and Access Administrator Associate) are desirable.
- Experience implementing automation and orchestration for IAM processes, including access provisioning, certification campaigns, and policy enforcement.
- Prior experience working in electric utilities, energy, or critical infrastructure sectors.
- Familiarity with Zero Trust security models and cloud-native identity management architectures (e.g., Azure Active Directory, AWS Identity Center).
- Demonstrated leadership in cross-functional cybersecurity initiatives and the ability to influence organizational adoption of IAM best practices.
This role is classified as exempt; salaries are paid bi-weekly and are annualized below for reference. Factors that may be used to determine actual salary include specific skills, years of experience, education, and certifications.
- Full range: $150,396 to $18,096
- Hiring range: 150,396 to 184,354
Principal Identity and Access Management Architect
Posted 21 days ago
Job Description
Key success factors include:
Deep understanding of IAM principles:
- This includes authentication, authorization, access control, lifecycle management, privileged access management, and identity governance.
- This can include Identity Providers (IdPs) like Azure Active Directory, Okta, or Ping Identity, IAM platforms, and other related tools.
- This includes understanding concepts like least privilege, separation of duties, multi-factor authentication, and zero trust security principles.
- The ability to design, implement, and manage IAM solutions in a real-world environment is crucial.
Key Responsibilities
- Develop and own the overall IAM architecture strategy, standards, and roadmap.
- Design scalable, secure IAM solutions including authentication, authorization, identity governance, and privileged access management.
- Lead technical design and implementation of IAM platforms such as Okta, SailPoint, CyberArk, Microsoft Entra, Ping Identity, etc.
- Define IAM policies, roles, and entitlements that align with business and compliance requirements.
- Collaborate with engineering, application, and infrastructure teams to integrate IAM capabilities across the environment.
- Evaluate emerging IAM technologies and recommend adoption strategies.
- Mentor junior IAM engineers and architects, fostering growth and knowledge sharing.
- Serve as a subject matter expert for internal and external stakeholders on IAM-related initiatives.
- Bachelor's degree in a related discipline and 10+ years' experience in a related field. The right candidate could also have a different combination, such as a master's degree and 8 years' experience; a Ph.D. and 5 years' experience in a related field; or 22 years' experience in a related field.
- Identity & Access Management (IAM):
- In-depth knowledge of IAM frameworks and principles.
- Experience with Identity Governance & Administration (IGA), Privileged Access Management (PAM), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC).
- Expertise in Multi-Factor Authentication (MFA), Single Sign-On (SSO), and Federated Identity Management.
- Cloud and Enterprise Security:
- Strong understanding of Zero Trust Architecture.
- Experience with Cloud IAM platforms such as Azure AD, AWS IAM, and Google Cloud IAM.
- Proficiency in secure API authentication (OAuth 2.0) and identity lifecycle management.
- Compliance and Standards:
- Knowledge of security compliance and regulatory standards (e.g., ISO 27001, NIST, GDPR, SOX).
- Directory and Authentication Services:
- Proficient in Active Directory (AD), Azure AD, LDAP, SAML, Kerberos, and certificate-based authentication.
- Understanding of authentication protocols including OIDC, OAuth, and SAML.
- IAM Tools and Platforms:
- Hands-on experience with tools such as Okta, Ping Identity, Microsoft Entra ID, SailPoint, and CyberArk.
- Development and Automation:
- Experience in identity workflow automation and provisioning.
- Proficiency in API development for IAM integration.
- Familiarity with scripting languages such as Python, PowerShell, and JavaScript for security automation.
- Understanding of CI/CD pipelines for IAM deployment.
USD 159,400.00 - 265,600.00
Compensation:
Compensation includes a base salary of $159,400.00 - $265,600.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate's knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.
Benefits:
The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company's needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave.
Applicants must currently be authorized to work in the United States for any employer without current or future sponsorship.
Identity and Access Management (IAM) Architect
Posted today
Job Description
Our client, a leader in the technology sector, is seeking an Identity and Access Management (IAM) Architect to join their team. As an IAM Architect, you will be part of the security department supporting various teams across the organization. The ideal candidate will have excellent analytical skills, strong communication abilities, and a commitment to continuous learning, which will align successfully within the organization.
Job Title: Identity and Access Management (IAM) Architect
Location: Overland Park, KS
Pay Range: $78.66 per hour
What's the Job?
- Define and develop the overall identity management strategy for the organization, aligning it with business goals and regulatory requirements.
- Design and implement identity and access management platforms to support the company's identity strategy.
- Establish and enforce identity management controls to secure sensitive information and maintain compliance with relevant regulations.
- Provide training and support to operations teams on IAM processes and best practices.
- Conduct regular audits and assessments to ensure compliance with IAM policies and identify areas for improvement.
- A minimum of 7 years of experience in identity and access management or a related field.
- Proven track record of successfully implementing IAM platforms and solutions in a large organization.
- Strong understanding of regulatory requirements related to identity management, such as GDPR, HIPAA, and SOX.
- Relevant certifications in identity and access management, such as CISSP or CIAM, are beneficial.
- Proficiency in IAM tools and technologies, with hands-on experience in configuring and managing IAM systems.
- Opportunity to work in a pivotal role that shapes the identity management strategy of the organization.
- Collaborative work environment with diverse teams and stakeholders.
- Professional development opportunities to enhance your skills and knowledge in IAM.
- Engagement with emerging technologies and trends in the IAM space.
- Ability to make a significant impact on the security and compliance posture of the organization.
- Medical and Prescription Drug Plans
- Dental Plan
- Vision Plan
- Health Savings Account
- Health Flexible Spending Account
- Dependent Care Flexible Spending Account
- Supplemental Life Insurance
- Short Term and Long Term Disability Insurance
- Business Travel Insurance
- 401(k), Plus Match
- Weekly Pay
If this is a role that interests you and you'd like to learn more, click apply now and a recruiter will be in touch with you to discuss this great opportunity. We look forward to speaking with you!
About ManpowerGroup, Parent Company of: Manpower, Experis, Talent Solutions, and Jefferson Wells
ManpowerGroup® (NYSE: MAN), the leading global workforce solutions company, helps organizations transform in a fast-changing world of work by sourcing, assessing, developing, and managing the talent that enables them to win. We develop innovative solutions for hundreds of thousands of organizations every year, providing them with skilled talent while finding meaningful, sustainable employment for millions of people across a wide range of industries and skills. Our expert family of brands - Manpower, Experis, Talent Solutions, and Jefferson Wells - creates substantial value for candidates and clients across more than 75 countries and territories and has done so for over 70 years. We are recognized consistently for our diversity - as a best place to work for Women, Inclusion, Equality and Disability and in 2023 ManpowerGroup was named one of the World's Most Ethical Companies for the 14th year - all confirming our position as the brand of choice for in-demand talent.