
Identity and Access Management Architect

 

 

Reference Code 1872

 

Country: United States (US)

US Locations: USA - Hermitage; USA - Nashville; USA - Tampa

 

 

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

 

Work you'll do

 

 

We are seeking a Senior Manager-level IAM Architect to partner with the senior IAM leadership team to define and drive the technical strategy and architecture for Identity and Access Management (IAM) across the organization. This role combines strategic leadership, hands-on solution design with product owners, and senior-level stakeholder engagement to secure identities, enable business objectives, and improve user experience across digital channels. This individual must stay current with emerging identity technology trends and best practices in order to coordinate with Product Owners on integrated IAM architectures and roadmaps.

 

Core Responsibilities

 

  • Partner with the senior IAM leadership team to define and own the enterprise IAM architecture, strategy, reference patterns, and roadmaps across authentication, authorization, identity lifecycle, privileged access, and account protection.
  • Engage in executive-level leadership conversations, translate business goals into IAM requirements, and coordinate with IAM product owners on technical feasibility to ensure solutions scale and interoperate across on-premises, cloud, and hybrid environments.
  • Partner with IAM product technical leads to assist with technical design and implementation for authentication (e.g., MFA, SSO, etc.), authorization models (e.g., RBAC, ABAC, etc.), identity provisioning, lifecycle management, and privileged access controls.
  • Champion innovation with Identity and Access Management tools; evaluate and provide recommendations to product owners for consideration and integration with the existing platform, while balancing security, privacy, and usability.
  • Architect secure integrations between IAM platforms and applications, directories, cloud services, and CI/CD pipelines; set standards and reusable patterns for developers.
  • Partner with the senior IAM leadership team and IAM product technical leads to address IAM risk assessments, threat modeling, and remediation strategies; partner with security, risk, and compliance teams to implement controls and measure risk reduction.
  • Partner with IAM product technical leads to oversee incident response activities as they relate to identity compromise, and lead post-incident root-cause analysis and remediation.
  • Drive adoption: create technical guidance, architecture diagrams, and executive-level briefings; mentor architects and senior engineers on IAM best practices.
  • Collaborate with product, engineering, and business leaders to prioritize roadmap items, measure outcomes (security posture, access-related incidents, time-to-provision), and demonstrate business value.
  • Ensure compliance with relevant regulations and internal policies; support audits and attestations related to identity and access controls.

 

The team

 

 

Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in what is but rather what can be to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.

 

Qualifications

 

 

Do you possess the following?

 

  • 10+ years of IAM experience with progressive technical leadership; experience in a consulting or large enterprise environment preferred.
  • Proven track record designing, delivering, and operating enterprise-scale IAM solutions across cloud and on-prem environments.
  • Deep technical knowledge of authentication/authorization protocols and standards (OAuth2/OIDC, SAML, SCIM, LDAP) and modern IAM architectures.
  • Hands-on experience with at least two major IAM technologies (e.g., Entra ID/Azure AD, Microsoft AD, CyberArk, SailPoint, Ping Identity).
  • Strong stakeholder management and communication skills; able to present technical concepts to executive audiences and translate business needs into technical requirements.
  • Experience leading vendors, technical teams, and cross-functional workstreams to successful outcomes.
  • Advanced degree (MS) or certifications (e.g., CISSP, CISM, SABSA, TOGAF, vendor-specific IAM certs).
  • Experience with zero-trust identity models, identity governance, privileged access management, and modern authentication modalities (passwordless, biometrics, adaptive MFA).
  • Prior experience building IAM programs or working in high-regulation industries (finance, healthcare, government).
  • Balance strategic thinking with the ability to roll up sleeves and deliver technically where needed.
  • Identity Providers / Directories: Entra ID/Azure AD, Microsoft AD
  • Identity Governance and PAM: SailPoint, CyberArk
  • Authentication & Federation: Ping Identity, OAuth2/OIDC, SAML, SCIM
  • Cloud & DevOps integration: AWS/Azure/GCP identity services, CI/CD tooling

 

 

 

Our culture

 

At Deloitte Global, people are valued and respected for who they are – with opportunities to bring their unique perspectives, talents and passions to business challenges. Our global workspace creates room for individuality and collaboration. Ours is an inclusive, supportive, connected culture with a focus on development, flexibility, and well-being. This culture makes Deloitte Global one of the most rewarding places to work, and to transform your career.

 

Recruiting for this role ends on 02/01/2026.


 
Deloitte Global is required by local law to include a reasonable estimate of the compensation range for this role for individuals applying to work in our [Open Cities Requiring Pay Disclosure] locations. This compensation range takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and delivery model. We would not anticipate that the individual hired into this role would land at or near the top end of the range, but such a decision will be dependent on the facts and circumstances of each case. A reasonable estimate of the range is - for individuals applying to work in these locations.  
