Lead IAM Architect

Role Description

At FNZ, our purpose is to make wealth management more accessible, bringing easier, fairer and more inclusive solutions to people worldwide. Here in the Global Cyber & Information Security team, we are on a mission to embed cyber resilience across FNZ, protecting the platforms that support investment solutions for over 20 million people.

We are looking for an exceptional and proven IAM Lead Architect, reporting to the Group Head of IAM, responsible for designing, implementing, and managing IAM solutions that ensure the security, efficiency, and integrity of our organization's access management. You will play a critical role in defining the identity and access strategy, developing policies, and implementing tools that protect our company's assets and data. You will work closely with other security teams, IT and business units, to provide secure access while enabling seamless user experiences.

You will have proven technical Information Security subject matter expertise, knowledge of the cybersecurity landscape, experience following a variety of industry recognised information security frameworks, experience in defining and implementing access management strategy, coupled with an ability to communicate risk effectively to stakeholders of all levels. You will consult and challenge through a risk lens.

You will have prior experience in a complex and evolving environment in regulated financial services across different regions and jurisdictions.

Specific Role Responsibilities

• IAM Strategy and Design:

  • Develop and implement the organization's IAM strategy, aligning with business goals and regulatory requirements.

  • Architect and design IAM frameworks, solutions, and processes to manage user identities, roles, and access privileges across the enterprise.

  • Define and maintain IAM architecture roadmap, ensuring scalability, flexibility, and security.

• Implementation and Integration:

  • Lead the deployment of IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Identity Governance and Administration (IGA), and Privileged Access Management (PAM).

  • Integrate IAM solutions with cloud services (e.g., AWS, Azure, Google Cloud), applications, and other infrastructure.

  • Work with development teams to ensure that IAM integrations are secure and adhere to best practices.

• Security and Compliance:

  • Ensure IAM solutions comply with industry standards, regulations, and policies (e.g., GDPR, DORA, PCI, SOC2).

  • Implement security best practices to protect against unauthorized access and potential data breaches.

  • Develop and enforce IAM policies, procedures, and guidelines to ensure secure user provisioning and de-provisioning.

• Monitoring and Management:

  • Monitor IAM systems for performance, security incidents, and anomalies, responding to incidents as necessary.

  • Implement logging, auditing, and reporting mechanisms to track user access and identity-related activities.

  • Regularly review and update access controls, ensuring appropriate levels of access for users.

• Collaboration and Support:

  • Collaborate with IT, security, and business teams to gather requirements and implement IAM solutions that meet business needs.

  • Provide guidance and support to IT teams on IAM-related issues, troubleshooting, and maintenance.

  • Train and mentor junior staff, fostering a culture of security awareness.

• Continuous Improvement:

  • Stay updated on emerging IAM technologies, trends, and threats.

  • Identify opportunities to improve IAM processes and technologies, enhancing security and user experience.

  • Participate in incident response and disaster recovery planning related to IAM.

Experience required

Primary requirements

• 10+ years of experience in IAM, cybersecurity, or a related IT security role.

• Proven experience in designing and implementing IAM solutions in large, complex environments.

• Experience with IAM tools and technologies such as Azure AD, CyberArk, etc.

• Strong knowledge of IAM concepts, including identity lifecycle management, access provisioning, SSO, MFA, and federation.

• Proficient in cloud IAM solutions (AWS IAM, Azure Active Directory, Google Cloud IAM).

• Familiarity with scripting and programming languages (e.g., Python, PowerShell, JavaScript) for automation and integration.

• Understanding of authentication protocols (e.g., SAML, OAuth, OpenID Connect, LDAP).

• Strong analytical and problem-solving skills.

• Excellent communication and interpersonal skills, capable of explaining complex technical concepts to non-technical stakeholders.

• Ability to work independently and as part of a team, managing multiple priorities in a fast-paced environment.

Certifications (Preferred):

• Certified Information Systems Security Professional (CISSP)

• Certified Information Security Manager (CISM)

• Certified Cloud Security Professional (CCSP)

• Identity Management Institute certifications (e.g., Certified Identity and Access Manager - CIAM)

About FNZ

FNZ is committed to opening up wealth so that everyone, everywhere can invest in their future on their terms. We know the foundation to do that already exists in the wealth management industry, but complexity holds firms back. 

We created wealth’s growth platform to help. We provide a global, end-to-end wealth management platform that integrates modern technology with business and investment operations. All in a regulated financial institution. 

We partner with over 650 financial institutions and 12,000 wealth managers, with US$1.5 trillion in assets under administration (AUA).

Together with our customers, we help over 20 million people from all wealth segments to invest in their future.