[Remote] Lead Cloud/AI/IAM Architect & Engineer

Work from home Full-time role Hiring

Note: This is a remote job open to candidates in the USA. Centric Consulting is a consulting firm known for its vibrant culture and commitment to collaboration and individual growth. They are seeking a Lead Cloud/AI/IAM Architect & Engineer responsible for designing and implementing identity and access management capabilities across cloud environments, ensuring secure and scalable identity services. The role involves technical leadership, architecture governance, and collaboration with multiple teams to enhance IAM solutions.

Responsibilities

  • Own the cloud IAM reference architecture across AWS, Azure, and GCP, including identity patterns for workforce, partners, and non-human identities (workloads/services)
  • Define and drive adoption of authentication and authorization patterns (SSO, federation, MFA/adaptive access, API access, service-to-service identity) aligned to security standards and business requirements
  • Establish and maintain reusable architecture artifacts: reference architectures, standard integration patterns, design templates, configuration baselines, and guardrails
  • Lead architecture reviews and provide technical governance to ensure consistent implementation across cloud and application teams
  • Design, build, and integrate IAM solutions using:
      • Okta (SSO, federation, lifecycle integrations, MFA/adaptive policies, app integrations)
      • SailPoint (identity governance, provisioning workflows, access reviews/certifications, role and entitlement modeling)
      • CyberArk (privileged access management, credential/session controls, privileged workflows)
      • HashiCorp (Vault/secrets management, dynamic secrets where applicable, identity-based access to secrets)
  • Engineer secure cloud access patterns across AWS/Azure/GCP, including least privilege designs, account/subscription/project onboarding patterns, and role-based access models
  • Build and support modern identity integrations using standards and protocols (SAML, OIDC, OAuth 2.0, SCIM; familiarity with XACML/SPML as applicable)
  • Develop automation and repeatability via scripting and/or infrastructure-as-code approaches (e.g., Terraform), improving time-to-deliver and reducing manual effort
  • Translate IAM strategy and security policies into implementable engineering standards (e.g., privileged access requirements, access request flows, secrets handling standards, non-human identity controls)
  • Identify and mitigate IAM risks in cloud and hybrid environments (e.g., privileged sprawl, excessive permissions, token/session risks, misconfiguration, secrets leakage)
  • Partner with Security, Cloud Platform, and Compliance teams to ensure IAM solutions meet regulatory and audit expectations
  • Own and maintain the IAM technical roadmap across Okta/SailPoint/CyberArk/HashiCorp, including modernization, integrations, technical debt reduction, and platform lifecycle planning for the cloud platform
  • Evaluate new capabilities from cloud providers and IAM vendors; recommend improvements based on emerging threats and business needs
  • Drive operational readiness for new IAM services: monitoring, alerting, runbooks, support transitions, and resilience/failover considerations
  • Serve as a technical escalation point for complex IAM issues and integrations
  • Mentor engineers and influence application and platform teams on secure identity patterns and implementation best practices
  • Communicate architecture decisions and tradeoffs clearly to engineering teams, product owners, and senior stakeholders
  • Interpret business needs and IAM strategy and convert them into secure, scalable architectures and engineering plans
  • Make technical decisions balancing security, usability, delivery speed, operability, and cost
  • Drive alignment across stakeholders and teams through architecture leadership and clear technical direction

Skills

  • Deep experience in enterprise IAM architecture and engineering, including SSO/federation, authentication, authorization, identity lifecycle, and privileged access
  • Strong understanding of IAM protocols and standards: SAML, OpenID Connect, OAuth 2.0, SCIM (plus familiarity with related standards as needed)
  • Strong security foundation: least privilege, privileged access controls, secrets management, segmentation, auditing/logging, and identity threat considerations
  • Hands-on experience designing IAM models across:
      • AWS (IAM roles/policies, cross-account access patterns, identity federation)
      • Azure (Entra ID/Azure RBAC patterns, subscription management concepts)
      • GCP (IAM roles, service accounts, workload identity concepts)
  • Understanding of cloud operating models across IaaS/PaaS/SaaS and how identity patterns differ across them
  • Proven implementation experience with:
      • Okta for identity provider patterns, app onboarding, MFA/adaptive access, lifecycle integrations
      • SailPoint for governance, provisioning, role/entitlement modeling, certifications
      • CyberArk for privileged access workflows, vaulting, session controls
      • HashiCorp Vault (and related tooling) for secrets lifecycle and secure access patterns
  • Strong scripting/automation capability (e.g., PowerShell, Python) and experience with IaC (e.g., Terraform) for scalable delivery
  • Ability to produce high-quality technical documentation: diagrams, designs, standards, and implementation guides
  • Excellent troubleshooting and analytical skills; ability to design for resiliency and failure modes
  • Strong written and verbal communication skills with the ability to influence and lead across teams
  • Comfortable leading technical delivery, mentoring others, and operating with minimal supervision in a complex environment
  • Experience with Zero Trust and modern conditional access/adaptive access patterns
  • Experience integrating IAM telemetry into SIEM/SOAR and supporting identity threat detection/response workflows
  • Exposure to API management and service-to-service security patterns (mTLS, JWT validation, OAuth client credential flows)
  • Familiarity with AI/ML-driven identity controls and adaptive access tuning

Benefits

  • Health coverage
  • Wellness programs
  • 401K company match
  • Self-managed PTO
  • Other unique incentives that celebrate your accomplishments
  • Remote and Hybrid Work
  • Time Off When You Need It
  • Benefits That Flex
  • Professional Development

Company Overview

  • Centric Consulting provides full-service management consulting services. It was founded in 2001, and is headquartered in Dayton, Ohio, USA, with a workforce of 1001-5000 employees. Its website is http://centricconsulting.com/.

Company H1B Sponsorship

  • Centric Consulting has a track record of offering H1B sponsorships, with 11 in 2025, 8 in 2024, 19 in 2023, 11 in 2022, 3 in 2021, 9 in 2020. Please note that this does not guarantee sponsorship for this specific role.