Cyber Architect

Ampcus Inc. is a certified global provider of a broad range of Technology and Business consulting services. We are in search of a highly motivated candidate to join our talented Team.

Job Title: Cyber Architect

Location(s): Chicago, IL (Remote)

We are seeking an experienced and forward-thinking Identity & Access Management (IAM) Architect to lead the design, implementation, and optimization of our enterprise IAM ecosystem. The ideal candidate brings deep expertise across IGA, Authentication/Access Management, and Privileged Access Management, combined with strong architectural vision, innovation mindset, and the ability to drive modern, scalable identity solutions across cloud and hybrid environments.

• Architect and implement enterprise IGA solutions using SailPoint or Saviynt along with Entra  Governance.
• Lead lifecycle management design: onboarding, provisioning, deprovisioning, access certification, and governance workflows.
• Develop RBAC/ABAC models, SoD rules, and governance frameworks.

• Design and operationalize authentication and authorization services using Okta and Microsoft Entra .
• Drive modern authentication standards: OAuth 2.0, OIDC, SAML, Passwordless approaches, adaptive MFA, and conditional access.
• Implement Zero Trust-aligned identity architectures across cloud and on-premises applications.

• Architect and deploy Cyber Ark Privileged Access Security solutions including PSM, PIM, Vault, and EPM.
• Establish enterprise PAM strategy, secrets management, session monitoring, and least-privilege frameworks.

• Design end-to-end Identity frameworks for AWS and Azure, including account structure, federation, IAM roles/policies, and workload identity strategies.
• Implement identity controls aligned with cloud security best practices (least privilege, conditional access, just-in-time access).

• Serve as the IAM expert and thought leader, driving innovative solutions to complex security and identity challenges.
• Develop IAM roadmaps, reference architectures, standards, and best practices.
• Lead architectural reviews, threat modeling, and integration strategies for enterprise applications and cloud services.
• Collaborate with security, engineering, compliance, and business teams to align IAM capabilities with organizational goals.

• U.S. Citizen (required).
• 10+ years overall experience in Identity & Access Management or related security domains.
• Expert level experience in:
  • IGA:
    SailPoint or Saviynt, Entra
  • AM:
    Okta, Entra , SSO, federation, MFA
  • PAM:
    Cyber Ark (PIM, PSM, Vault, EPM)
• Strong experience designing IAM architectures for Azure and AWS cloud platforms.
• Hands-on expertise with authentication protocols (SAML, OAuth, OIDC), directory services, and identity federation.
• Proven ability to design scalable, secure IAM integrations with SaaS, cloud, and on-prem applications.
• Strong analytical, problem-solving, and architectural design skills.
• Ability to communicate complex technical concepts to non-technical stakeholders.

• Experience with Zero Trust frameworks and modern identity security patterns.
• Familiarity with Dev Sec Ops , CI/CD pipeline integrations, and identity automation.
• Knowledge of compliance frameworks such as SOX, HIPAA, NIST, ISO
  27001.
• Scripting skills in Power Shell, Python, or similar for automation.

• Thought leader with a passion for innovation and continuous improvement.
• Out-of-the-box thinker who brings creative, modern solutions to identity challenges.
• Quick learner with high adaptability to new technologies and dynamic environments.
• Strong can-do attitude, proactive mindset, and ownership-driven work style.
• Ability to work independently and collaboratively in a fast-paced environment.

• Bachelor's or master's degree in computer science, Information Security, or related field (preferred).
• Useful certifications (nice to have):
  • Microsoft Identity (SC-300), Azure Architect, Okta Consultant/Professional
  • SailPoint or Saviynt certified engineer/architect
  • Cyber Ark Defender/Sentry/Client
  • CISSP, CCSP, or other security certifications.

Ampcus is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veterans or individuals with disabilities.