Identity Access Management Architect
- Eye Care Partners
- Ballwin, Missouri
- 13 days ago
- Full Time
Job Summary
Job Description
EyeCare Partners is the nation's leading provider of clinically integrated eye care. Our national network of over 300 ophthalmologists and 700 optometrists provides a lifetime of care to our patients with a mission to enhance vision, advance eye care and improve lives. Based in St. Louis, Missouri, over 650 ECP-affiliated practice locations provide care in 18 states and 80 markets, providing services that span the eye care continuum.
Job Overview:
We are seeking a skilled and experienced Identity and Access Management (IAM) Architect to join our IT team. The IAM Architect will play a pivotal role in designing, implementing, and maintaining robust IAM solutions to protect our organization's digital assets. You will be responsible for defining IAM architecture and policies, ensuring secure access control, and supporting the implementation of identity and access governance processes across the enterprise. The ideal candidate should have extensive knowledge of IAM tools, protocols, and industry best practices, along with a strong ability to collaborate with both technical teams and business stakeholders.
Key Responsibilities:
- IAM Solution Design: Lead the design and implementation of scalable and secure IAM solutions that meet business requirements and align with security best practices. Develop architectural blueprints and technical roadmaps for IAM initiatives.
- Identity Lifecycle Management: Oversee the creation, maintenance, and deletion of identities across systems. Implement and enforce user provisioning, de-provisioning, and role-based access controls (RBAC) in line with organizational policies.
- Access Control Management: Design and implement access control models and policies, including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM). Ensure that access permissions are granted based on the principle of least privilege.
- Security and Compliance: Ensure IAM processes and solutions comply with relevant regulatory standards such as GDPR, HIPAA, or SOC 2. Perform regular audits and assessments to monitor the effectiveness of IAM controls and identify areas for improvement.
- Integration and Automation: Work closely with cross-functional teams to integrate IAM systems with enterprise applications and services (cloud, on-premises). Implement automation for identity governance, reducing manual intervention while enhancing security and operational efficiency.
- Identity Federation: Design and implement identity federation solutions to allow secure access to third-party applications and external partners, using industry standards such as SAML, OAuth, OpenID Connect, and SCIM.
- Incident Response: Respond to identity-related security incidents, including account takeovers and access anomalies. Investigate access violations and support forensic analysis as necessary.
- Technical Leadership and Mentorship: Provide leadership and mentorship to IAM engineers and other technical staff. Share knowledge and best practices to elevate the team's overall IAM expertise.
- Stakeholder Collaboration: Engage with IT leadership, security teams, and business units to understand requirements and provide guidance on IAM processes. Ensure alignment between IAM strategies and organizational goals.
Required Skills & Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or related field.
- 5+ years of experience in Identity and Access Management, with at least 3 years in an architectural or leadership role.
- Expertise in IAM technologies such as Microsoft Azure AD, Okta, SailPoint, ForgeRock, or similar platforms.
- In-depth knowledge of IAM protocols (e.g., SAML, OAuth, OpenID Connect, LDAP, SCIM).
- Experience with integrating IAM solutions with both cloud-based and on-premises applications.
- Strong understanding of security frameworks and standards, such as NIST, ISO 27001, or COBIT.
- Proficiency in designing and implementing authentication solutions like SSO, MFA, and PAM.
- Experience with identity governance and lifecycle management tools.
- Solid understanding of risk management, compliance, and auditing principles in IAM.
- Familiarity with cloud platforms (AWS, Azure, Google Cloud) and their IAM services.
- Strong problem-solving skills with the ability to innovate and adapt to emerging technologies.
- Excellent communication skills, with the ability to clearly articulate technical concepts to both technical and non-technical stakeholders.
Preferred Qualifications:
- Advanced certifications in IAM or cybersecurity (e.g., CISSP, CISM, Certified Identity Management Professional).
- Experience in scripting and automation tools (e.g., PowerShell, Python, Terraform).
- Previous experience with large-scale IAM deployments in enterprise environments.
- Familiarity with DevOps practices and CI/CD pipelines in relation to IAM.
If you need assistance with this application, please contact .... Please do not contact the office directly; only resumes submitted through this website will be considered.
EyeCare Partners is an equal opportunity/affirmative action employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
Job Summary
Eye Care Partners
Job ID: 467046384
Originally Posted on: 2/26/2025