Senior Information Security Architect - Cloud IAM

Senior Information Security Architect – Cloud IAM

For Futures Financial, Planning, a financial advisory practice of Ameriprise Financial Services LLC

We are seeking a highly skilled Senior IAM Security Architect to join our information security architecture team. This role requires deep expertise in the design, implementation, and management of IAM security controls, with a focus on identity protection across cloud environments.

• Participate in design of secure IAM architectures across multiple platforms (AWS, Azure, Entra ), ensuring all components align with best practices and organizational security requirements.
• Develop security controls for IAM, including user authentication, authorization, role management, identity federation, and privilege management across cloud and hybrid environments.
• Establish and maintain a Zero Trust security model for IAM, ensuring that all access requests are continuously verified, regardless of location or network.
• Integrate Zero Trust principles with cloud‑native security tools and IAM platforms (e.g., AWS, Azure, Entra ) to ensure seamless, secure, and dynamic access control.
• Automate risk‑based access controls and adaptive authentication based on behavioral signals, ensuring a dynamic response to security events.
• Establish and enforce least privilege access principles for all roles across cloud and on‑prem environments, ensuring users only have the minimal access necessary to perform their job functions.
• Design and implement Just‑in‑Time (JIT) access control mechanisms to dynamically grant access based on user needs, significantly reducing standing permission sets.
• Design SSO solutions that provide seamless and secure access to enterprise applications, ensuring a frictionless user experience while maintaining high security standards.
• Lead the adoption of modern authentication protocols (e.g., OAuth 2.0, OpenID Connect, SAML) for secure, scalable, and standardized access management across applications and systems.
• Implement and manage MFA solutions to enhance authentication security, applying risk‑based policies to ensure strong protection for sensitive data and critical resources.
• Develop and integrate IAM security controls with cloud platforms such as AWS, Azure, and Entra , ensuring secure access management across both public and hybrid cloud environments.
• Work closely with cloud engineers and architects to align IAM security protocols with cloud service provider best practices, while ensuring compliance with industry standards.
• Leverage native security features of cloud platforms (e.g., AWS IAM, Azure AD, Entra ) to design scalable, secure, and automated IAM solutions.
• Lead the migration process from Hybrid Active Directory to Entra‑ authentication to ensure minimal disruption and proper synchronization and federation across systems.
• Develop and maintain security governance frameworks for IAM, focusing on identity lifecycle management, role‑based access control (RBAC), user provisioning, deprovisioning, and enforcement of least privilege.
• Ensure proper identity governance and access reviews are conducted regularly, documenting changes and exceptions as part of compliance audits.
• Collaborate with cross‑functional teams, including application security, network security, infrastructure, and Dev Ops, to integrate IAM security best practices across systems and services.
• Stay up to date on the latest IAM trends, security threats, and technology advancements to continuously improve IAM practices and solutions.
• Implement security automation tools and workflows to improve efficiency and reduce manual efforts in identity management and access control.

• Bachelor’s degree in computer science, Information Security, or related field.
• Preferred Certified Information Systems Security Professional (CISSP) or Certified Identity and Access Manager (CIAM) or other relevant IAM/security certification.
• 7+ years of experience in IAM security, including at least 5 years of experience in IAM risk assessment, threat modeling, and security control design.
• Proven expertise in implementing and securing IAM solutions in cloud environments such as AWS, Azure, and…