Enterprise Security and IAM Architect-Direct Hire
This is a direct hire role
Location: San Antonio, TX (ONSITE)
The Enterprise Security and IAM Architect is a combined practical and strategic position that involves establishing technical strategy, defining enterprise security and IAM architectures, and leading solution implementations from a technology perspective. The position provides technical guidance and training to the implementation teams, serves as a technology and best-practices evangelist, and ensures that implementations follow the highest implementation standards and principles. This position advises technical management and business areas on key architectural decisions regarding platforms and supporting technologies. This position produces technical architectures (documented by deliverables) that are scalable, maintainable, dependable, secure, and meet performance requirements. This position represents the Enterprise Information Technology (EIT) organization and works across the company to deliver technical solutions, including providing continuity on major solution decisions, communicating technology solution value across all levels of the company, and ensuring solutions are implemented according to the defined solution architecture and technical standards.
Tasks and Responsibility
· Responsible for enterprise security architectural design and planning in a hybrid cloud environment.
· Designing data-centric security architectures to ensure appropriate control over data use and protection.
· Responsible for the strategy and enablement of identity and security solutions that include DLP, Encryption, Key Management, Identity Management, Secure Data Transport, audit, event detection, CASB, Intrusion Prevention, Remote Access, Firewall and more.
· Understanding the enterprise’s current Identity Management requirements, future state and industry best practices to plan and implement Identity & Access Management (IAM) solutions.
· Responsible for architecting IAM in a hybrid cloud environment, user/service/device authentication & authorization, managing enterprise identities and entitlements.
· Architecting the security posture of enterprise Operational Technology (OT) environments to help ensure compliance with NERC and other regulatory bodies.
· Should have a solid understanding of general IT application structures, the supporting network components, and the overall holistic IT functions, operations and general dataflows of the enterprise to enable planning and implementation of best practice security measures.
· Must be knowledgeable of past, present, and upcoming security technologies, standards, and best practices to properly plan and implement solutions in the most effective way.
· Develop enterprise security architectural patterns, approaches and design solutions, research new technologies and approaches.
· Plan how security controls (CASB, CSPM, CNAPP, CWPP and so on) are used and how they are deployed.
· Create security standards and roadmaps, develop recommendations for migrating to future standards. Responsible for the security design, architecture and automation designs of on premise, wide area and Cloud solutions.
· Partner with vendors to select appropriate technical solutions.
· Collaborate with stakeholders to develop consensus, drive results, and execute projects across the organization on time and within budget.
· Manage several simultaneous initiatives from conception through implementation.
· Contribute to security standards and design patterns.
· Deliver solutions tailored to internal business requirements.
· Articulate design rationale, flexibly adapt solutions, and iterate designs when required.
· Provide 3rd level support and input as required to teams diagnosing reported issues, providing root cause analysis to management and the business teams.
· Work closely with senior management, Architecture, Application managers and IT Security, BTE and operations teams.
· Enhance efficiency via automation whenever and wherever possible. Cross-train other team members on projects and network technologies.
· Bachelor’s degree from accredited university in technology or related field.
· Strong leadership skills; coaching and mentoring skills. Exceptional communication and interpersonal skills - including negotiation, facilitation, and consensus building skills; ability to influence and persuade, without direct control.
· High degree of flexibility and ability to work with employees at all levels of the organization with diverse backgrounds.
· Strong desire to drive change, and ability to adapt to change quickly. Recognized as a thought leader.
· Proven ability to work creatively and analytically in a problem-solving environment.
· Excellent written and oral communication and interpersonal skills.
· Excellent leadership and management
· TOGAF Certification or equivalent.
· Enterprise security architecture experience in a complex, multi-platform distributed
· Strong experience with On-Prem / Private, Public Cloud network, identity and application
· Experience and knowledge of security methods and solutions to support: DLP, Encryption, Key Management, Fine Grained Access Control, Audit Trail, Detection, CASB, Microsegmentation, Cybersecurity Mesh, Secure Access Service Edge (SASE) and others.
· Knowledge of industry security standards and frameworks such as Payment Card Industry (PCI), HIPAA, NIST, ISO 27001 and Cybersecurity Framework (CSF).
· Familiar with principles of cloud security and solutions including native cloud provider security, Office 365 security and Cloud Security Posture Management (CSPM).
· Specific experience securing Microsoft Azure hosted services.
· Experience with Identity Management Solutions and leading products in the marketplace.
· CISSP or equivalent technical certification will be beneficial.
· Experience architecting and implementing network security & QoS technologies.
· Able to develop opportunities, pitch and deliver security related projects.
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or 844-463-6178.
Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.