Identity Architect

The Identity Architect is a critical and impactful role tasked with responsibility for designing and implementing the associated architecture and standards that deliver successful, business-focused identity services for DFA employees, members, customers, and business partners. This technical position is responsible for identifying, investigating, resolving and developing processes, procedures and associated documentation relative to all aspects of identity management and access as well as the design, engineering, and implementation of associated architectures and technologies.

The ideal candidate is a thought leader, and a problem solver with a strong knowledge of security and identity\access management best practices and technologies. They will envision and define services and solutions as the integration of people, processes, and technology.

Job Duties and Responsibilities:

Under direction of the Director of Identity Management:

• Architect and implement a unified, scalable and resilient identity management framework which enables secure access across internal applications and cloud services
• Define and provide technical oversight over key IAM programs and controls necessary to modernize DFA’s identity lifecycle processes and effectively reduce identity-related risks in a hybrid business\manufacturing plant environment (IT/OT)
• Align identity practices with business needs, corporate cybersecurity policies, regulatory and compliance requirements (e.g., NIST CSF, ISA/IEC 62443), and industry best practices (e.g., zero trust)
• Work with business and technology stakeholders to define and lead the development of role-based, attribute-based, and policy-based access controls (RBAC, ABAC PBAC) models for both human and machine actors
• Provide advanced support for access management issues and remediation efforts
• Engage in the review and design of new and current IAM solutions to ensure appropriate controls and tools are selected and operationalized
• Expand and evolve the use of federated identity protocols and entitlement orchestration tools
• Optimize controls and processes for managing privileged access (PAM), remote access, and vendor access
• Normalize onboarding, maintenance, and offboarding processes for IT/OT identities
• Identify and implement orchestration and automation workflows to improve IAM efficiency
• Define metrics, dashboards, and reporting for IAM health, maturity, and risk alerts
• Stay current with emerging IAM technologies and industry trends
• Maintain documentation of key operational processes and standards

Qualifications:

Minimum Requirements:

Education and Experience

• Bachelor’s degree in information security, computer science or other related field (work experience may be substituted for the required education on a year for year basis)
• 5 years of relevant work experience in a position focused on architecting and\or integrating Identity & Access management governance, tools, and processes in an enterprise environment

Knowledge, Skills and Abilities

Identity & Access Management Expertise

• Strong experience troubleshooting and resolving issues related to identities, authentication, authorization, entitlements, and permissions
• Proficiency in IAM core areas:
• Identity provisioning and lifecycle management (Active Directory, Microsoft Entra, Okta Universal Directory) for both human and machine identities
• Federation and single sign-on (SSO)
• Multifactor authentication (MFA)
• Role-based access control (RBAC) and policy-based access control (PBAC)
• Privileged access and identity management (PAM/PIM)
• Certificate/PKI services and key management
• Modern authentication standards and protocols (Zero trust, SAML, OAuth, FIDO, OpenID)
• Scripting or development skills in PowerShell (preferred), python, or similar languages (Perl, Java, Go, Ruby)
• Experience with designing identity controls within a manufacturing or other operational technology (OT) environments is a plus
• Skills in defining dashboards, metrics, and monitoring for identity health and risk mitigation
• Demonstrated experience in strategic planning for modernization and remediation roadmaps
• Strong verbal and written communication skills; ability to influence peers and business stakeholders in a matrix organization
• Proven ability to identify areas for process improvement and then create and execute a plan for improvement

Applicable Certifications (desired, not required):

• Certified Identity and Access Manager (CIAM)
• Certified Information Systems Security Professional (CISSP)
• Microsoft Certified: Identity and Access Administrator Associate
• The Open Group Architecture Framework (TOGAF)
• Certified Information Security Manager (CISM)
• Okta Certified Professional

An Equal Opportunity Employer including Disabled/Veterans