Back to Jobs
This position is no longer available
Remote (Country)

Ethos was looking for an IAM Architect - Access Management / CIAM (Remote in the US)

GuidePoint Security is hiring an IAM Architect - Access Management / CIAM to join our implementation team. In this fully remote role, you will design, deploy, administer, and optimize enterprise-grade Identity and Access Management (IAM) solutions with a primary focus on Okta, Ping Identity, and Microsoft Entra ID.

What You'll Do

  • Deploy, configure, manage, and support Okta, Auth0, Ping Identity (PingFederate, PingOne, PingOne AIC), and Microsoft Entra ID environments.
  • Manage user lifecycle governance including provisioning, deprovisioning, and access certification workflows.
  • Implement and oversee Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Adaptive Authentication.
  • Ensure adherence to least-privilege and Zero-Trust principles for all user and application identities.
  • Support modern IAM capabilities such as Just-in-Time (JIT) access, Conditional Access, API access management, and Customer Identity and Access Management (CIAM).
  • Integrate IAM platforms with AD/LDAP, cloud directories, SIEM, SCIM provisioning, SAML/OIDC applications, and cloud services (AWS/Azure/GCP).
  • Develop automation for user provisioning, access reviews, and monitoring using PowerShell, Python, or REST APIs.
  • Implement access governance policies, role-based access control (RBAC), and attribute-based access control (ABAC).
  • Provide strategic oversight across multiple concurrent projects, ensuring alignment with client objectives and timelines.
  • Champion projects from an ownership perspective, taking full accountability for successful delivery and client outcomes.
  • Foster strong client relationships through technical excellence and a consultative approach.
  • Create and maintain technical documentation, implementation guides, and best practice frameworks.
  • Provide technical expertise during the presales process to support new business opportunities.
  • Develop Level of Effort (LOE) estimates for proposed IAM implementations and contribute to Statement of Work (SOW) development.

What We're Looking For

  • Bachelor's degree in Computer Science, Information Security, or related field — or equivalent work experience.
  • 3–5+ years of experience in Identity and Access Management engineering or Consulting.
  • Hands-on experience with Okta (Universal Directory, Lifecycle Management, Workflows, API Access Management).
  • Experience implementing Microsoft Entra ID including Conditional Access, Identity Protection, and Entra Connect.
  • Working knowledge of Ping Identity solutions (PingFederate, PingOne, or PingAccess).
  • Strong understanding of identity governance, SSO protocols (SAML, OIDC, OAuth), MFA, and access certification.
  • Experience with Windows/Linux server administration and Active Directory.
  • Familiarity with scripting (PowerShell, Python) and REST APIs.
  • Knowledge of common security frameworks and access control principles.

Nice to Have

  • 3-5 years of IT Professional services and consulting experience.
  • Professional certifications such as Okta Certified Professional/Administrator/Consultant, Microsoft Certified: Identity and Access Administrator Associate, Ping Identity Certified Professional, CISSP, CISM, Security+, CCSP, or similar.
  • Exposure to modern IAM capabilities: Passwordless authentication (FIDO2, WebAuthn, passkeys), Decentralized identity and verifiable credentials, Identity threat detection and response (ITDR), API security and OAuth 2.0 / OpenID Connect.

Technical Stack

  • Primary Platforms: Okta, Auth0, Ping Identity (PingFederate, PingOne, PingOne AIC), Microsoft Entra ID.
  • Infrastructure & Directories: Active Directory/LDAP, AWS, Azure, GCP.
  • Protocols & Standards: SAML, OIDC, OAuth, SCIM.
  • Tools: PowerShell, Python, REST APIs.
  • Security: SIEM.

Team & Environment

You will be part of the Access Management team, partnering with other engineers and architects. Mentorship at all levels is foundational to our culture.

Benefits & Compensation

  • Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans).
  • Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans.
  • 12 corporate holidays and a Flexible Time Off (FTO) program.
  • Healthy mobile phone and home internet allowance.
  • Eligibility for retirement plan after 2 months at open enrollment.
  • Pet Benefit Option.

Work Mode

This is a fully remote position for candidates located within the United States.

GuidePoint Security is an equal opportunity employer.

Required Skills
OAuthActive Directory
About company
Ethos
Ethos is a leading life insurance technology company on a mission to protect families by democratizing access to life insurance and empowering agents at scale. It offers instant, accessible life insurance products with a seamless online process requiring no medical exams.
All jobs at Ethos Visit website
Job Details
Category security
Posted 4 months ago

Similar Jobs

Other opportunities you might be interested in

RTX Corporation

Ping Engineer - Identity and Access Management - Single Sign On SSO (Remote)

RTX Corporation

United States of America Remote (Global)
SentiLink

Senior IT Specialist

SentiLink

Austin Hybrid
Asana

Principal Security Engineer

Asana

San Francisco Hybrid
Scribe

Support Engineer: SCIM/SSO Specialist

Scribe

Belgrade Remote (City)
?

System Administrator

Unknown Company

Wroclaw, Lower Silesia, Poland Hybrid
Accenture Federal Services

Okta Engineer

Accenture Federal Services

United States of America Remote (Country)