Job Description

Senior Identity Management Architect
Job Number: 21- 15638
Grab the opportunity to achieve your full potential! Eclaro is looking for a Senior Identity Management Architect for our client in Charlotte, NC.
Eclaro’s client is one of the world's largest financial institutions, committed to providing the tools and services that bridge the gap between customers and their goals. If you’re up to the challenge, then take a chance at this rewarding opportunity!
Position Overview:
  • Responsible for the strategy across all identity services, both current and future state, within the IDM portfolio and will participate in the high-level technical design across these services.
  • This is an individual contributor role, reporting directly to the IDM Services Executive.
  • The individual work with the functional teams responsible for engineering services under the IDM Services and partner with stakeholders in both the Technology Infrastructure Services and Information Security organizations on strategic initiatives.

  • Develops and participates in technical design & strategy across all Identity Management services (existing & future state)
  • Understands at an expert level technical requirements for all IDM services including security and networking considerations
  • Unifies identity strategy for on premise identity solutions along with our cloud identity solutions
  • Works with each IDM functional manager and client partners to develop high-level designs
  • Researches and recommends new technologies and improvements which address enterprise gaps across the IDM portfolio
  • Ensures practical feasibility of technical solutions in accordance with GIS architecture standards
  • Understands how all IDM services tie together and impact to the enterprise, along with interdependencies on enterprise services
  • Participates in senior level audit engagements and discussions
  • Produces and showcases Identity strategy via diagrams and other materials presented to senior management
  • Identifies opportunities to streamline service offerings where there are technical capabilities overlap
  • Information Security regarding vulnerability assessments and threat modeling for identity servicesPartners with key stakeholders in

Required Experience:
  • 10+ years developing and architecting identity management solutions
  • Deep technical experience of Active Directory with focus on security architecture and environment hardening/engineering password vaulting solutions such as CyberArk, HashiCorp Secrets Vault, Thycotic Secret Server, etc.
  • Experience architecting
  • Experience architecting/engineering privileged access tools such as PowerBroker and Active Roles Server
  • Experience architecting/engineering Microsoft identity management solutions such as FIM/MIM (Forefront/Microsoft Identity Manager) and SSGM (Self Service Group Management)/SSPM (Self Service Password Management)
  • Experience architecting/engineering cloud identity solutions such as Microsoft Azure AD Connect and integration with other cloud provides such as Amazon, Google, etc.
  • Advanced security prowess with identity management solutions (latest security threats/trends and mitigation thereof)
  • Experience with best practices for identity management disaster recovery
  • Strong working knowledge of Windows/*NIX operating systems platforms, DNS, networks, DMZs, firewalls, network security zones, etc.
  • Deep, in-depth working knowledge of Kerberos (Microsoft and MIT/Heimdal) and NTLM authentication
  • Working experience with MFA, SSO and federation technologies
  • Strong knowledge of LDAP protocol
  • Experience with non-Windows integration with Active Directory (Vintela VAS integration, Red Hat IdM, etc.)
  • Working knowledge of Certificate/CA/PKI infrastructure
  • Experience and confidence to be the senior architect for all IDM identity services in a very large/complex environment
  • Excellent communication skills, including experience effectively communicating technical challenges and solutions to peers, customers and senior management

  • Experience with Microsoft's Enhanced Security Architecture Environment (ESAE) - Red/Bastion/Admin forest design; including JIT (just in time) & JEA (just enough administration) concepts; Microsoft PAM (Privileged Access Manager)
  • Red Team assessment, exposure and interaction
  • Knowledge of threat analytics tools
  • Scripting/programming knowledge (PowerShell, Python, C#, VBscript, Javascript, Perl)
  • Knowledge of database platforms
  • Unix/Linux skills

If interested, you may contact:
Merly Villanueva 
Merly Villanueva | LinkedIn

Equal Opportunity Employer: 
Eclaro values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status. 

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online