RemoteJobs.org mascotRemoteJobs.org
Remote JobsCompaniesAPIPost a Job
RemoteJobs.org mascotRemoteJobs.org

Find your dream remote job. Browse thousands of remote positions from top companies worldwide.

Job Categories

  • General
  • Programming
  • Design
  • Marketing
  • Sales
  • Customer Support

Resources

  • Browse Jobs
  • Companies
  • Post a Job
  • For Developers
  • Blog

Company

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service
© 2026 RemoteJobs.org. All rights reserved.
    ← Back to all jobs
    R

    Senior IAM Architect

    Resideo
    Full-time
    RemoteCyber SecurityToday

    About this role

    We are seeking an Identity and Access Management (IAM) Architect to lead the design and evolution of our enterprise identity strategy. You will define how identities are securely managed, authenticated, and authorised across all environments—enabling a scalable, Zero Trust-aligned approach that protects the business while delivering a frictionless user experience. This is a high-impact role at the centre of our security and digital transformation journey.

    JOB DUTIES:

    • Own the enterprise IAM architecture strategy, target state, and roadmap across cloud, on-premises, and hybrid environments, aligned to Zero Trust and security standards.

    • Serve as the IAM technical authority and provide hands-on architectural leadership across infrastructure, cloud, and platform security initiatives.

    • Design and document end-to-end IAM capabilities across IGA, access management, PAM, secrets, and non-human identities.

    • Define integration patterns and reference architectures; evaluate build vs. buy and emerging IAM capabilities (e.g., passwordless, AI/agentic identities, decentralised identity) to deliver scalable services across applications, infrastructure, and DevOps tooling.

    • Architect authentication and authorisation (SSO, MFA, RBAC/ABAC) and standardize protocols (OAuth2/OIDC, SAML, SCIM, LDAP).

    • Lead IAM platform design and integration across cloud/hybrid (e.g., Microsoft Entra ID, Active Directory, SailPoint, PingFederate/Ping Identity, AWS IAM, CyberArk or equivalent).

    • Define identity lifecycle controls (joiner/mover/leaver, provisioning, access certifications, and role/entitlement modeling).

    • Identify IAM risks and architecture gaps; define constraints and mitigations, and drive remediation through roadmap and delivery items.

    • Ensure IAM controls and integrations meet security and regulatory requirements (e.g., NIST SP 800-63, ISO 27001, SOC 2, GDPR) and support audit activities.

    • Partner with business stakeholders to align IAM outcomes to enterprise objectives and communicate decisions and tradeoffs to senior leadership.

    YOU MUST HAVE:

    • Strong experience in the identity and access management, preferably at architecture level, however IAM Engineers seeking opportunities to advance to an architecture role will be considered

    • Strong experience across core IAM domains: IGA (lifecycle, certifications), access management (SSO/MFA), Conditional Access, PAM, and non-human identity (workload/service identities), with hands-on-experience with one or more enterprise IAM platforms (e.g., Microsoft Entra ID/Azure AD, Okta, Ping, SailPoint) and integration across cloud/hybrid environments.

    • Deep knowledge of authentication/authorisation patterns and protocols: OAuth 2.0/OIDC, SAML 2.0, SCIM, and LDAP/AD.

    • Solid understanding of cloud IAM (AWS, Azure, and/or GCP), including identity federation and least-privilege design.

    • Experience assessing IAM risks and security controls, defining mitigations, and supporting audits and compliance requirements (e.g., NIST/ISO).

    • Strong analytical, problem-solving, and communication skills, with the ability to engage both technical and non-technical stakeholders effectively

    • Collaborative team player who adapts quickly to changing priorities while maintaining attention to detail

    WE VALUE:

    • Proven ability to define IAM target state, reference architectures, standards, and multi-phase roadmaps aligned to Zero Trust.

    • Experience with secrets management (e.g., HashiCorp Vault, AWS Secrets Manager, Azure Key Vault).

    • Knowledge of DevSecOps practices and integrating IAM controls into CI/CD pipelines.

    • Exposure to machine/workload identity federation (e.g., SPIFFE/SPIRE) and modern approaches to non-human identity.

    WHAT'S IN IT FOR YOU:

    • Funding provided to support your self-development

    • Fully remote working model

    • Meal ticket for each day worked

    • Medical coverage to support your health and wellbeing

    • 26 days of vacation

    About Resideo

    R
    Resideo

    Hiring remote talent?

    Reach active remote job seekers from $149.

    Related Jobs

    Senior Information Security Operations Center Analyst

    Ryder System, Inc. · USD 85,000 - 95,000

    Cloud Security Analyst

    Cloudbeds

    Quality Control

    Esteem