Identity and Access Management Architect / Engineer (Consultant/Senior Consultant), Cyber Risk

Job description

Connect to your Industry

Cyber security plays a vital role across all industries, protecting businesses from the growing threat landscape and ensuring the confidentiality, integrity, and availability of their critical data and services. Our mission in Cyber at Deloitte is to support our clients across industries in navigating this ever-changing threat landscape by deploying powerful solutions and providing robust managed services. We simplify complexity, protect and enable our clients, accelerate innovation, and improve profitability.

Connect to your career at Deloitte

Deloitte drives progress. Using our vast range of expertise, we help our clients become leaders wherever they choose to compete. To do this, we invest in outstanding people. We build teams of future thinkers, with diverse talents and backgrounds, and empower them all to reach for and achieve more. What brings us all together at Deloitte? It's how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for measurable impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most.

Connect to your opportunity

We are seeking experienced Identity and Access Management professionals with a strong background in architecture and engineering. The ideal candidate will have experience in supporting the design, implementation and testing of identity and access management solutions. The ability to maintain and operate the technology is considered a strong asset.
This role will involve working closely with cross-functional teams to ensure seamless deployment and integration of identity solutions, as well as contributing to the ongoing operation and maintenance of IAM technologies across our clients.

As part of this role, you will be expected to:
• Support the definition of IAM use cases, functional and non-functional solution requirements, and technical specifications, such as those for user authentication, access control, integration, performance and scalability requirements and specifications.
• IAM solutions by creating high-level and low-level designs that align with business objectives and comply with industry cybersecurity standards (e.g., NIST). For example, this includes:
• Creating high-level and low-level system architecture diagrams with technical descriptions of each component.
• Defining the dependencies to implement the solution, e.g., network rules, server resources, storage requirements.
• Defining the system specifications to support optimal performance.
• Integrating workflows with third-party systems and security tools, such as Security Information and Event Management (SIEM) solutions, multi-factor authentication solutions, and cloud platforms like Amazon Web Services (AWS) and Azure.
• Defining the Responsible, Accountable, Consulted, and Informed (RACI) matrix to operate and maintain the solution's infrastructure components.
• technical documentation for IAM implementations, including process documentation to enable operation of the solution, e.g., defining processes which cover user onboarding, access requests, identity governance, approval workflows, authentication workflows, and provisioning/deprovisioning tasks.
• IAM solutions:
• Install solution components in on-premise environments where relevant, or configure cloud components (and script / code plug-ins / extensions for cloud solutions).
• Work with IT infrastructure teams to ensure pre-requisites and dependencies have been met and are in place.
• Integrate IAM solutions with existing enterprise applications/systems such as directories, cloud applications, HR systems and third-party identity providers.
• unit, integration, functional and non-functional testing for IAM solutions. As part of this, troubleshoot and resolve issues (e.g., authentication failures, access policy conflicts, user provisioning errors, etc.) by working with vendors.
• Support the delivery of services post-implementation, from hyper-care support, resolving additional issues in production through advanced troubleshooting and debugging to ensure smooth operation.
• Conduct knowledge transfer to client IAM teams through technical training sessions on operating and maintaining the solution, empowering clients to effectively manage and support the IAM environment.

Connect to your skills and professional experience

Whilst a bachelor's degree (or equivalent) in Computer Science or Engineering is desirable, we are more interested in your real-world professional experience and your ability to turn this into impactful client outcomes.

Key skills - not every candidate requires all of these but should be familiar and/or have experience with a majority of these:

Technical Skills:
The skills we want you to ultimately have will cover:
• Broad enterprise identity experience across Enterprise and Customer Authentication, with demonstrable ability to build identity strategies which integrate into client enterprise architectures and beyond.
• Experience in working with IGA, PAM, AM, AD and CIAM solutions such as SailPoint, Saviynt, etc.
• Experience working in a digital transformation environment supporting the definition of Identity architecture leveraging cloud native and/or other IAM solutions.
• Advanced, practical experience of cloud hosting services including Amazon Web Services, Microsoft Azure, and Google Cloud Platform.
• Hands-on experience of Microsoft Active Directory/Azure AD Domain Services, Federation Services, Certificate Services, DNS and DHCP.
• Understanding of decentralised identity, verifiable credentials, microservices and Trust over IP architecture stack.

In addition to the above, the following are desirable:
• Understanding of malware and the modern threat landscape
• Relevant certifications (e.g. CIAM, CISSP, CAMS, etc.)
• Exposure to/understanding of DevOps tools and repositories (e.g. Git, Azure DevOps, Kubernetes, Docker, Jenkins, Ansible, etc.)
• Role based access control (RBAC) design
• Practical experience with Linux operating systems
• Experience with Modern Authentication concepts, e.g. Self-Service Identity, Bring your own Identity, SCIM, SAML, WS-Federation, OAuth, OpenID Connect

Soft Skills:
• Experience with waterfall and agile type methodologies, often working within client specified frameworks.
• Managing junior team members across a mix of locations, cultures, and experience levels.
• Detail oriented and strong problem-solving skills.
• Excellent oral and written communication skills, including concisely communicating status and creating customer reports and presentations.

Connect to your business - Technology and Transformation

Organisations across industries such as Financial Services, Government and Public Services, Consumer, etc., are increasingly relying on and innovating through technology. Therefore, our business, Technology and Transformation, sits at the core of these organisational strategies to enable safe innovation and growth.