IAM Architect

Job Description

Job Title: IAM Architect:

The End-User Computing Division empowers employees to do their best work from anywhere, through smart, seamless, and secure experiences.

As digital workspaces continue to evolve, we are designing and engineering VMware Anywhere Workspace, a holistic platform built on our industry-leading solutions for virtual apps, desktops, unified endpoint management and security. Our platform enables us to deliver upon our Autonomous Workspace vision, the next evolution of our offering that leverages data and artificial intelligence, to create workspaces that are self-configuring, self-healing, and self-securing. Together, our work is enabling organizations to optimize both employee experience and security, while modernizing IT and lowering operational risk.

• Design IAM Solutions: Architect, design, and implement IAM solutions that align with the organization's security policies, compliance requirements, and business objectives.
• Identity Lifecycle Management: Develop processes and procedures for managing the entire identity lifecycle, including provisioning, authentication, authorization, and de-provisioning.
• Access Control Policies: Define access control policies and enforce least privilege principles to ensure that users have appropriate access rights based on their roles and responsibilities.
• Single Sign-On (SSO) Integration: Implement single sign-on solutions to streamline user authentication processes and enhance user experience across various applications and systems.
• Multi-Factor Authentication (MFA): Evaluate, select, and implement multi-factor authentication mechanisms to strengthen the security of user accounts and prevent unauthorized access.
• Privileged Access Management (PAM): Design and implement privileged access management solutions to secure sensitive systems and restrict access to critical resources.
• Identity Federation: Establish trust relationships with external identity providers to enable secure authentication and access to external services and applications.
• Identity Governance and Compliance: Implement identity governance processes to ensure compliance with regulatory requirements and industry standards, such as GDPR, HIPAA, SOX, and PCI DSS.
• Security Architecture Review: Conduct security architecture reviews and assessments to identify gaps, vulnerabilities, and areas for improvement in the IAM infrastructure.
• Incident Response and Remediation: Develop incident response procedures and participate in security incident investigations related to identity and access management.
• Documentation and Training: Create documentation, guidelines, and training materials for IAM processes, procedures, and best practices to educate stakeholders and promote security awareness.

• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certification preferred.
• Extensive experience (5+ years) in designing, implementing, and managing IAM solutions in enterprise environments.
• Proficiency in identity management technologies such as Active Directory, LDAP, OAuth, SAML, Kerberos, and OpenID Connect.
• Strong understanding of security principles, cryptographic protocols, and authentication mechanisms.
• Excellent communication and interpersonal skills with the ability to collaborate effectively with cross-functional teams.
• Solid understanding of regulatory compliance requirements and data privacy laws.
• Experience with IAM platforms such as Okta, Microsoft Azure AD, Ping Identity, or similar solutions.
• Strong problem-solving skills and the ability to analyze complex issues and recommend effective solutions.
• Knowledge of cloud security concepts and experience with cloud identity and access management services (e.g., AWS IAM, Azure AD Identity Protection) is a plus.

• The position may require occasional travel to other company locations or client sites.
• Availability for off-hours support and participation in on-call rotation may be required.