About this role
Role Summary
We are seeking a seasoned IAM Implementer / Architect to join a high-impact security and identity initiative. This is a hands-on role for a practitioner who has strong implementation experience and is ready to grow into an architectural leadership capacity. The ideal candidate is comfortable working at both the execution level and the design/strategy level, with deep expertise in Azure Active Directory (Microsoft Entra ID), Okta, AWS IAM, and emerging agentic identity patterns.
Must-Have Requirements
• Azure Active Directory / Microsoft Entra ID
  • Hands-on deployment and configuration experience
  • Ability to answer architecture-level questions on Azure AD design, federation, and governance
  • Experience with Conditional Access, PIM, Identity Protection, and Entra ID roles
• Okta Identity Platform
  • Production deployment and administration experience
  • Non-Human Identity (NHI) / Machine Identity management via Okta
  • Service accounts, API keys, machine-to-machine (M2M) tokens, OAuth client credentials flow
  • Lifecycle automation for non-human identities
• Agentic Identity
  • Must understand what agentic identity is and how to secure AI agents, bots, and automated pipelines
  • Experience defining identity strategies for agentic workloads (LLM-based agents, RPA bots, etc.)
• AWS IAM
  • Roles, policies, permission boundaries, SCPs, and IAM best practices
  • Cross-account access, federation with Azure AD / Okta
• Implementor-to-Architect mindset
  • Willingness and capability to evolve from hands-on implementation into architectural ownership
  • Ability to document, present, and defend design decisions to senior stakeholders
Key Responsibilities
• Implement and configure Azure AD / Microsoft Entra ID solutions including SSO, MFA, SSPR, and RBAC
• Deploy and manage Okta environments, including Workforce Identity and non-human identity (NHI) use cases
• Design and implement Okta lifecycle management for machine identities, service accounts, and API credentials
• Define and enforce AWS IAM policies, roles, and permission models aligned to least-privilege principles
• Architect identity solutions for agentic workloads — securing AI agents, automation bots, and service pipelines
• Lead identity architecture discussions and provide technical guidance to cross-functional teams
• Perform IAM assessments, gap analyses, and produce architecture diagrams and documentation
• Collaborate with security, cloud, and application teams to integrate identity into DevSecOps pipelines
• Troubleshoot and resolve identity-related incidents across all IAM platforms
• Stay current with emerging identity standards: SPIFFE/SPIRE, OAuth 2.0, OIDC, SCIM, FIDO2/Passkeys
Preferred Qualifications
• Microsoft Certified: Identity and Access Administrator Associate (SC-300) or Azure Security Engineer (AZ-500)
• Okta Certified Professional or Okta Certified Administrator
• AWS Certified Security Specialty or Solutions Architect
• Experience with IGA platforms: SailPoint IdentityNow, Saviynt, or Oracle Identity Governance
• Familiarity with PAM solutions: CyberArk, BeyondTrust, or Delinea
• Experience implementing Zero Trust Architecture and Identity-centric security models
• Exposure to DevSecOps pipelines and IAM as Code (Terraform, Pulumi, ARM/Bicep templates)
• Prior experience in financial services, healthcare, or regulated industries a plus
California Pay Range $60 — $65 USD
Tech stack
Azure, AWS, LLM, Terraform
About PHIZENIX
PHIZENIX is hiring for the IAM Implementer / Architect role. NewJob aggregates active openings directly from PHIZENIX's applicant tracking system, so this listing is current.