Sr. Security Architect - IAM

Operations - Raleigh - Creedmoor Rd, United States

SECU

As the second largest credit union in the United States, we provide financial tools, services, and community support to more than 2.8 million members.


If you are motivated and believe in the credit union philosophy of "People Helping People," join our team!

Position Overview:

The Sr. IAM Architect plays a key role in supporting the design, implementation, and maintenance of Identity and Access Management (IAM) solutions.  This role focuses on integrating IAM technologies, enhancing user lifecycle management, and ensuring secure access controls across enterprise systems.

The Sr. IAM Architect actively collaborates with other architects, engineers, and cross-functional teams, mentors engineers, and works closely with key stakeholders. This role contributes to the Architecture Review Board. Additionally, they will work closely with IAM engineers, Security, IT, and business teams to develop IAM policies, improve automation, and strengthen compliance with industry standards. They also assist in troubleshooting IAM-related issues, evaluating security risks, and supporting IAM governance frameworks.

Responsibilities:

  • (20%) Contribute to the design and deployment of modern, automated IAM solutions, collaborating with vendors, engineering teams, and business units.

  • (20%) Ensure IAM solutions align with enterprise security policies, standards, and regulatory requirements while supporting risk mitigation efforts.

  • (20%) Develop and maintain architecture diagrams, system configurations, and security control documentation for IAM solutions.

  • (20%) Evaluate and enhance existing IAM services, participating in periodic reviews to ensure efficiency, scalability, and security.

  • (10%) Work closely with IT, InfoSec, and application development teams to provide IAM expertise, support solution integrations, and assist in technology selection.

  • (10%) Stay current on IAM trends, security threats, and best practices while mentoring junior team members and contributing to knowledge sharing.

  • Responsibilities will include participation in special assignments and cross-functional initiatives as required.

Required Education & Experience (Knowledge, Skills, & Abilities):

  • Candidate must live in North Carolina or a contiguous state.
  • Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related field.
    • Additional 5 years of relevant experience can be considered in lieu of degree.
  • Minimum 5 years of experience in related field.
  • Technical Expertise
    • Hands-on experience with IAM technologies, including PAM, SSO, Directory Services, IGA, CIAM, and MFA.
    • Strong knowledge of authentication and authorization protocols such as OAuth 2.0, OIDC, SAML, LDAP, and Kerberos.
    • Experience with cloud directories such as Entra ID, AWS Directory Service, and Google Cloud Identity.
    • Familiarity with IAM governance and compliance frameworks, including NIST, ISO 27001, SOX, and GDPR.
    • Understanding of IAM’s role in security frameworks and risk management, including threat modeling and risk assessments.
    • Experience evaluating internal and external threats, assisting in maintaining IAM security tools, and supporting incident response efforts.
  • User Lifecycle Management
    • Experience designing and implementing provisioning and de-provisioning processes, including Joiner-Mover-Leaver (JML) workflows.
    • Understanding of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) principles and implementation.
    • Knowledge of IAM automation using scripting tools such as PowerShell or Python.
  • Architecture & Solution Design
    • Assist in defining and documenting security solutions, reference patterns, and operational support documentation.
    • Provide technical expertise to support IAM projects and initiatives.
    • Collaborate with engineering and security teams to align IAM solutions with business and security requirements.
    • Support the evaluation and selection of security technologies to improve IAM capabilities.
    • Work with the architectural review board to ensure IAM solutions align with security best practices.
  • Automation & Infrastructure as Code (IaC)
    • Basic experience with scripting and automation tools such as PowerShell, Python, or Bash.
    • Exposure to Infrastructure as Code (IaC) tools, including Ansible, Azure Resource Manager, or Terraform, for IAM automation.
  • Collaboration & Communication
    • Ability to communicate IAM concepts to technical and non-technical stakeholders.
    • Strong problem-solving skills and ability to work cross-functionally with IT, security, and development teams.
    • Support the development of IAM policies and procedures to improve security and efficiency.
    • Participate in mentoring and knowledge-sharing to enhance team capabilities.
  • Problem-Solving & Critical Thinking
    • Strong troubleshooting and investigative skills to resolve IAM-related issues.
    • Ability to identify process improvements and contribute to IAM best practices.
  • Professional Development
    • Stay up to date with emerging IAM technologies and industry best practices.

Preferred Education & Experience (Knowledge, Skills, & Abilities):

  • Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related field.
  • 10+ years of direct experience preferred.
  • Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, OSCE, or other relevant industry certification and/or desire to obtain such certifications.
  • Experience working within a DevOps environment.
  • Experience in managing IAM projects from inception to delivery.
  • Experience with FFIEC audit guidelines for banking regulators.

Work Environment & Physical Requirements:


  • Use of a computer for prolonged periods

SECU provides equal employment opportunity to all qualified persons regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or other classification protected by law.

Disclaimer

State Employees' Credit Union reserves the right to fill this role at a higher/lower level based on business need.


Tags: Ansible Automation AWS Azure Banking Bash CISA CISM CISSP Cloud Compliance Computer Science CRISC DevOps FFIEC GCP GDPR GIAC Governance IAM Incident response ISO 27001 Kerberos LDAP NIST OSCE PowerShell Python Risk assessment Risk management SAML Scripting SOX SSO Terraform

Region: North America
Country: United States
