1

Identity Access Management Architect Jobs (NOW HIRING)

next page

Showing results 1-20

Identity Access Management Architect information

See salary details

$21K

$116.4K

$189K

How much do identity access management architect jobs pay per year?

As of Jul 19, 2026, the average yearly pay for identity access management architect in the United States is $116,431.00, according to ZipRecruiter salary data. Most workers in this role earn between $95,500.00 and $143,000.00 per year, depending on experience, location, and employer.

What is the difference between Identity Access Management Architect vs Identity Access Management Engineer?

AspectIdentity Access Management ArchitectIdentity Access Management Engineer
CertificationsCertified Identity and Access Manager (CIAM), CISSPCISSP, CompTIA Security+
Work EnvironmentDesigns IAM frameworks, collaborates with stakeholdersImplements and maintains IAM solutions, supports systems
Employer & Industry UsageFinancial, healthcare, large enterprisesIT departments, security teams in similar industries

The main difference is that the Identity Access Management Architect focuses on designing and planning IAM systems, while the Identity Access Management Engineer handles the implementation and operational support of those systems. Both roles require relevant certifications and work within similar industries, but their responsibilities differ in scope and focus.

What does an Identity Access Management Architect do?

An Identity Access Management (IAM) Architect is responsible for designing and implementing systems that control and manage user identities and access permissions across an organization's digital resources. They ensure that only authorized users can access specific data or applications, safeguarding sensitive information and supporting regulatory compliance. IAM Architects work with technologies such as single sign-on (SSO), multi-factor authentication (MFA), and role-based access control (RBAC), and collaborate with IT teams to integrate security best practices throughout the company’s infrastructure.

How does an Identity Access Management Architect typically collaborate with other IT and business teams within an organization?

An Identity Access Management (IAM) Architect works closely with cross-functional teams, including IT security, application development, compliance, and business units. They are responsible for designing IAM solutions that align with organizational security policies while also supporting business requirements. Regular collaboration ensures that access controls integrate smoothly with existing systems and that user provisioning and deprovisioning processes are efficient and compliant. Effective communication and teamwork are essential, as IAM Architects often lead workshops, gather requirements, and provide guidance on best practices to both technical and non-technical stakeholders.

What are the key skills and qualifications needed to thrive as an Identity Access Management Architect, and why are they important?

To thrive as an Identity Access Management (IAM) Architect, you need a deep understanding of identity governance, authentication protocols, and security frameworks, typically supported by a degree in computer science or a related field. Familiarity with IAM tools such as Okta, SailPoint, or Microsoft Azure AD, as well as relevant certifications like CISSP or CISM, is highly valuable. Strong analytical thinking, communication, and problem-solving skills help you design secure, scalable solutions and collaborate effectively with stakeholders. These skills and qualifications are critical for protecting organizational assets, ensuring compliance, and enabling secure digital transformation.

What Is an Identity and Access Management Architect?

An identity and access management architect deals with data security. Their responsibilities are to design and maintain the software systems by which users interact with the network and data systems of an organization. They perform situational analyses and software testing to determine vulnerabilities in the company’s databases to ensure that sensitive information is protected. If issues arise with the organization’s data security, the identity and access management architect’s duties are to design and implement solutions to these weak points. They often also test the users of a system by creating situations in which they could unintentionally compromise the system security and analyze how users react to those situations.

What cities are hiring for Identity Access Management Architect jobs? Cities with the most Identity Access Management Architect job openings:
What are the most commonly searched types of Identity Access Management Architect jobs? The most popular types of Identity Access Management Architect jobs are:
Who are the top companies hiring for Identity Access Management Architect jobs? The top employers for Identity Access Management Architect jobs are:
What states have the most Identity Access Management Architect jobs? States with the most job openings for Identity Access Management Architect jobs include:
What job categories do people searching Identity Access Management Architect jobs look for? The top searched job categories for Identity Access Management Architect jobs are:
Infographic showing various Identity Access Management Architect job openings in the United States as of July 2026, with employment types broken down into 1% As Needed, 69% Full Time, 24% Part Time, and 6% Contract. Highlights an 95% Physical, 1% Hybrid, and 4% Remote job distribution, with an average salary of $116,431 per year, or $56 per hour.

Senior Manager, Identity & Access Management

Simpson Thacher and Bartlett LLP

New York, NY

Full-time

Re-posted 21 days ago


Job description

The Senior Manager, Identity & Access Management (IAM) is responsible for defining and advancing the Firm's enterprise IAM strategy to protect access to systems, applications, and data.

This role provides IAM strategy, governance, and risk oversight, partnering closely with global IT teams, HR, and business stakeholders. The ideal candidate is a hands-on technical leader with strong technical depth and proven delivery experience, able to translate security and compliance requirements into scalable, business-aligned IAM capabilities while enabling secure business operations. The person in this role must be detail-oriented with the ability to adapt rapidly to new challenges, think creatively and holistically, and quickly resolve unforeseen issues.

Essential Job Duties & Responsibilities

  • Develop and execute the firm's IAM strategy and roadmap aligned with enterprise security objectives, business priorities, and client requirements.
  • Establish and enforce identity governance and access management standards, including role-based access control (RBAC), least privilege, segregation of duties (SoD), and periodic access certifications, ensuring consistent adoption across the firm.
  • Define, maintain, and operationalize IAM policies, standards, procedures, and reference architectures to support consistent, auditable, and scalable access management practices.
  • Partner with technology risk and client assurance teams to support internal and external assessments and drive remediation of IAM-related findings.
  • Define security requirements and governance standards for IAM technologies and platforms, including Active Directory, Entra ID (Azure AD), SAML/SSO, MFA, PAM, and cloud-based IAM services.
  • Partner with Infrastructure and Application teams to support the secure implementation and ongoing operation of IAM controls across on-premises, cloud, and SaaS environments.
  • Own the selection, configuration, and lifecycle management of identity-specific security platforms, including authentication, identity governance, and privileged access management solutions in alignment with enterprise architecture standards.
  • Serve as the technical authority and escalation point for identity security platforms, responsible for architecture decisions, advanced configuration, integrations, upgrades, and decommissioning.
  • Maintain deep, hands-on expertise in Active Directory, Entra ID (Azure AD), Windows Certificate Services (CA), and core identity protocols, including LDAP, Kerberos, SAML, OAuth, and OpenID Connect.
  • Design, implement, and operate privileged access controls, strong authentication policies, and identity governance workflows within security-owned IAM and PAM platforms.
  • Design and develop automation and tooling to support IAM processes such as joiner/mover/leaver workflows, access provisioning and deprovisioning, access reviews, privileged access elevation, and certificate lifecycle management.
  • Reduce manual effort and operational risk by identifying opportunities to standardize and automate identity processes across platforms and environments.
  • Define and oversee user lifecycle management standards (joiner/mover/leaver), to ensure timely and secure onboarding, access changes, and deprovisioning.
  • Establish governance and oversight for digital certificate inventory and lifecycle management, including issuance, renewal, and revocation processes.
  • Identify IAM-specific risks such as misconfigurations, excessive access, orphaned accounts, and weak authentication controls, and partner with relevant stakeholders to prioritize and remediate issues.
  • Ensure IAM practices align with applicable regulatory, privacy, and security frameworks (e.g., SOX, GDPR, ISO 27001, NIST).
  • Develop dashboards, metrics, and reporting to provide visibility into IAM risks, control effectiveness, and program maturity for senior leadership.
  • Provide IAM subject-matter expertise during security incidents, investigations, and control failures.
  • Lead, mentor, and develop IAM engineers and analysts, fostering a culture of accountability, technical excellence, and continuous improvement.
  • Influence and collaborate with technical and non-technical stakeholders to drive adoption of IAM best practices without impeding delivery.
  • Communicate IAM risks, tradeoffs, and recommendations clearly to senior leadership and business stakeholders.
  • Stay current on emerging IAM threats, technologies, and industry best practices.
  • Drive continuous optimization of IAM governance processes to improve security, scalability, and user experience.
  • Participate in on-call rotation to support after-hours incident response and critical security operations as needed.

Education

Required

  • Bachelor's degree in information security, IT, risk management, related discipline, or equivalent experience

Preferred

  • Professional certifications such as CISSP, CISM, or similar

Skills and Experience

  • 15+ years of progressive experience in IT or Information Security, with at least 5 years in a leadership role focused on IAM or access governance.
  • Demonstrated success building, scaling, and operating enterprise-grade IAM programs in large, complex organizations, preferably in a hybrid environment (on-premises, multi-cloud, and SaaS).
  • Proven ability to define IAM strategy, roadmap, and operating models, aligning capabilities with business objectives, risk posture, and regulatory requirements.
  • Deep, hands-on expertise with identity lifecycle management, SSO, MFA, directory services (e.g., Active Directory, Entra ID), federation protocols (SAML, OAuth, OIDC), and PKI/certificate infrastructure.
  • Experience implementing and managing Identity Governance & Administration (IGA) platforms such as SailPoint, Saviynt etc.
  • Strong background in user access reviews, certification campaigns, entitlement modeling, role-based and policy-based access controls
  • In-depth understanding of NIST digital identity guidelines, including identity assurance and authentication levels
  • Familiarity with compliance frameworks and standards such as NIST CSF and ISO 27001.
  • Experience working in a global organization and collaborating across diverse business units.
  • Strong program and project management skills, with experience delivering complex initiatives on time and within budget.
  • Proven ability to manage third-party vendors, and software providers, including delivery oversight, and performance management.
  • Demonstrated ability to lead, mentor, and develop high-performing IAM engineering and operations teams.
  • Excellent executive communication and presentation skills, with the ability to clearly articulate risk, strategy, and technical concepts to both technical and non-technical audiences.
  • Strong interpersonal and collaboration skills, with comfort engaging regularly with senior leadership and key internal and external stakeholders.
  • Ability to manage multiple concurrent objectives and activities and make effective judgments in prioritizing and time allocation.
  • Must be able to execute with limited information and ambiguity.
  • Demonstrated continuous learning mindset, with the ability to stay current on emerging IAM technologies, security threats, vulnerabilities, and attack vectors
  • Passion for innovation, automation, and driving continuous improvement in IAM processes.

Salary Information

NY Only: The estimated base salary range for this position is $190,000 to $220,000 at the time of posting.

The actual salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job. This role is exempt meaning it is not overtime pay eligible.


Simpson Thacher will not sponsor applicants for work visas for this position.

Privacy Notice

For information about how Simpson Thacher & Bartlett LLP collects and processes your personal information, please refer to our Privacy Notice available athttps://www.stblaw.com/other/privacy-notice.

Simpson Thacher & Bartlett is committed to a collegial work environment in which all individuals are treated with respect and dignity.The Firm prohibits discrimination or harassment based upon race, color, religion, gender, gender identity or expression, age, national origin, citizenship status, disability, marital or partnership status, sexual orientation, veteran's status or any other legally protected status. This Policy pertains to every aspect of an individual's relationship with the Firm, including but not limited to recruitment, hiring, compensation, benefits, training and development, promotion, transfer, discipline, termination, and all other privileges, terms and conditions of employment.

#LI-Hybrid