TalentProfile
Back to Jobs
Remote (Country)

Ethos is hiring an IAM Architect - Access Management / CIAM (Remote in the US)

About the Role

GuidePoint Security is hiring an IAM Architect - Access Management / CIAM to join our implementation team. In this fully remote role, you will design, deploy, administer, and optimize enterprise-grade Identity and Access Management (IAM) solutions with a primary focus on Okta, Ping Identity, and Microsoft Entra ID.

What You'll Do

  • Deploy, configure, manage, and support Okta, Auth0, Ping Identity (PingFederate, PingOne, PingOne AIC), and Microsoft Entra ID environments.
  • Manage user lifecycle governance including provisioning, deprovisioning, and access certification workflows.
  • Implement and oversee Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Adaptive Authentication.
  • Ensure adherence to least-privilege and Zero-Trust principles for all user and application identities.
  • Support modern IAM capabilities such as Just-in-Time (JIT) access, Conditional Access, API access management, and Customer Identity and Access Management (CIAM).
  • Integrate IAM platforms with AD/LDAP, cloud directories, SIEM, SCIM provisioning, SAML/OIDC applications, and cloud services (AWS/Azure/GCP).
  • Develop automation for user provisioning, access reviews, and monitoring using PowerShell, Python, or REST APIs.
  • Implement access governance policies, role-based access control (RBAC), and attribute-based access control (ABAC).
  • Provide strategic oversight across multiple concurrent projects, ensuring alignment with client objectives and timelines.
  • Champion projects from an ownership perspective, taking full accountability for successful delivery and client outcomes.
  • Foster strong client relationships through technical excellence and a consultative approach.
  • Create and maintain technical documentation, implementation guides, and best practice frameworks.
  • Provide technical expertise during the presales process to support new business opportunities.
  • Develop Level of Effort (LOE) estimates for proposed IAM implementations and contribute to Statement of Work (SOW) development.

What We're Looking For

  • Bachelor's degree in Computer Science, Information Security, or related field — or equivalent work experience.
  • 3–5+ years of experience in Identity and Access Management engineering or Consulting.
  • Hands-on experience with Okta (Universal Directory, Lifecycle Management, Workflows, API Access Management).
  • Experience implementing Microsoft Entra ID including Conditional Access, Identity Protection, and Entra Connect.
  • Working knowledge of Ping Identity solutions (PingFederate, PingOne, or PingAccess).
  • Strong understanding of identity governance, SSO protocols (SAML, OIDC, OAuth), MFA, and access certification.
  • Experience with Windows/Linux server administration and Active Directory.
  • Familiarity with scripting (PowerShell, Python) and REST APIs.
  • Knowledge of common security frameworks and access control principles.

Nice to Have

  • 3-5 years of IT Professional services and consulting experience.
  • Professional certifications such as Okta Certified Professional/Administrator/Consultant, Microsoft Certified: Identity and Access Administrator Associate, Ping Identity Certified Professional, CISSP, CISM, Security+, CCSP, or similar.
  • Exposure to modern IAM capabilities: Passwordless authentication (FIDO2, WebAuthn, passkeys), Decentralized identity and verifiable credentials, Identity threat detection and response (ITDR), API security and OAuth 2.0 / OpenID Connect.

Technical Stack

  • Primary Platforms: Okta, Auth0, Ping Identity (PingFederate, PingOne, PingOne AIC), Microsoft Entra ID.
  • Infrastructure & Directories: Active Directory/LDAP, AWS, Azure, GCP.
  • Protocols & Standards: SAML, OIDC, OAuth, SCIM.
  • Tools: PowerShell, Python, REST APIs.
  • Security: SIEM.

Team & Environment

You will be part of the Access Management team, partnering with other engineers and architects. Mentorship at all levels is foundational to our culture.

Benefits & Compensation

  • Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans).
  • Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans.
  • 12 corporate holidays and a Flexible Time Off (FTO) program.
  • Healthy mobile phone and home internet allowance.
  • Eligibility for retirement plan after 2 months at open enrollment.
  • Pet Benefit Option.

Work Mode

This is a fully remote position for candidates located within the United States.

GuidePoint Security is an equal opportunity employer.

Required Skills
OktaAuth0Ping IdentityMicrosoft Entra IDSAMLOIDCOAuthSCIMActive DirectoryLDAPSIEMIAM ArchitectureCIAMAccess ManagementIdentity Governance
Your first international client?

Don't lose them over invoicing

Clients ghost freelancers with unprofessional invoicing. Glopay gives you a real EU company partnership so they take you seriously from invoice #1.

Instant EU company partnership
Invoice builder with your branding
Automated payment reminders
Real-time payment tracking
Get EU company now
Ready in 24 hours
About company
Ethos

Ethos is a leading life insurance technology company on a mission to protect families by democratizing access to life insurance and empowering agents at scale. It offers instant, accessible life insurance products with a seamless online process requiring no medical exams.

Visit website
Job Details
Category security
Posted a month ago

Similar Jobs

Other opportunities you might be interested in

Signet Jewelers

Web App Firewall Security Engineer (Remote)

Signet Jewelers

remote
CrowdStrike

Sr. Security Researcher (Remote)

CrowdStrike

Remote (Global)
CloudLinux

Malware Intelligence Analyst (PHP) (worldwide remote, work anywhere)

CloudLinux

Brazil Remote (Global)
IT-Security Coach GmbH

Senior Consultant und Auditor ISMS (mwd)

IT-Security Coach GmbH

Hybrid
RD Service

Senior Information Security Lead - 115k.

RD Service

Hybrid
Blackpoint Cyber

MDR Analyst Skillbridge Intern - Swing Shift (4pm - 12am ET)

Blackpoint Cyber