IAM Specialist
Job Summary
Job Description
Brillio is seeking a seasoned Senior IAM Consultant to conduct a comprehensive assessment of the identity landscape for a global financial services firm in capital markets. The role involves evaluating the client's Identity & Access Management (IAM) program, ensuring alignment with zero-trust principles and regulatory obligations. Key responsibilities include assessing IAM governance, operations, architecture, tools, and compliance, analyzing identity lifecycle processes, and evaluating enterprise-level IGA platforms and PAM solutions. The consultant will also conduct deep dives into Active Directory and Azure AD architectures, validate authentication mechanisms, and map regulatory requirements to IAM controls. The goal is to identify identity-related risks and produce a phased roadmap for IAM transformation.
Must have:
- 7+ years of experience in IAM or security architecture
- Experience with IGA platforms (SailPoint, Saviynt, ForgeRock)
- Experience with PAM/PIM solutions (CyberArk, BeyondTrust, Delinea)
- Proficiency in Active Directory/Azure AD
- Experience with SSO/MFA frameworks (Okta, Ping Identity, Microsoft Entra)
- Experience in IAM audits and regulatory control mapping in capital markets
Good to have:
- SailPoint Certified IdentityNow/IIQ Engineer or Architect
- Saviynt Certified Implementation Specialist
- ForgeRock Identity Cloud Architect
- CyberArk Defender/Sentry/Guardian
- BeyondTrust Certified Administrator
- Microsoft SC-300 or AZ-500 (with PAM focus)
- CISSP
- CISM
- AWS Security Specialty
5 skills required
Job Details
About Brillio:
Brillio is one of the fastest growing digital technology service providers and a partner of choice for many Fortune 1000 companies seeking to turn disruption into a competitive advantage through innovative digital adoption. Brillio, renowned for its world-class professionals, referred to as "Brillians", distinguishes itself through their capacity to seamlessly integrate cutting-edge digital and design thinking skills with an unwavering dedication to client satisfaction.
Brillio takes pride in its status as an employer of choice, consistently attracting the most exceptional and talented individuals due to its unwavering emphasis on contemporary, groundbreaking technologies, and exclusive digital projects. Brillio's relentless commitment to providing an exceptional experience to its Brillians and nurturing their full potential consistently garners them the Great Place to Work® certification year after year.
IAM Specitist
Role Summary
- We are seeking a seasoned Senior IAM Consultant to lead a comprehensive assessment of the identity landscape for a global financial services firm operating in the capital markets domain. The ideal candidate will bring extensive, hands-on expertise across the IAM, IGA, and PIM/PAM stack, with a strong understanding of regulatory mandates, entitlement risk, and control enforcement in trading environments. This role will work closely with security leadership, risk teams, and technical stakeholders across front, middle, and back-office operations.
- You will assess and help strengthen the client’s Identity & Access Management program, ensuring alignment with zero-trust principles, least privilege enforcement, and capital markets regulatory obligations. Your insights will directly influence strategic initiatives around identity governance, privileged access management, and authentication frameworks in a high-risk, high-compliance environment.
- Work with a team to conduct a full-spectrum IAM assessment covering governance, operations, architecture, tools, and compliance alignment.
- Analyze identity lifecycle processes (JML – joiner, mover, leaver) across both human and non-human identities; identify automation and control gaps.
- Evaluate enterprise-level IGA platforms (e.g., SailPoint, Saviynt, ForgeRock Identity Governance, Oracle Identity Manager) for policy alignment, role engineering, certification campaign efficacy, and SoD enforcement.
- Assess privileged access workflows across PAM solutions such as CyberArk, BeyondTrust, Delinea (formerly Thycotic), One Identity Safeguard, and AWS/Azure-native PIM capabilities.
- Conduct deep dives into Active Directory and Azure AD/AAD B2B/B2C architectures and synchronization flows (e.g., Azure AD Connect, SCIM).
- Validate authentication mechanisms—including SSO, MFA, biometric factors, and adaptive access policies—across federated and hybrid environments using protocols such as SAML 2.0, OIDC, OAuth2.0, and LDAP.
- Map regulatory requirements from SOX, SEC, FINRA, NYDFS 500, GLBA, and GDPR to IAM-specific controls and gaps.
- Identify identity-related risks in trade support systems, front-office platforms, OMS/EMS, and financial data pipelines.
- Produce maturity heatmaps, capability gap analyses, and a phased roadmap for IAM transformation aligned to security objectives and business risk.
- Guide improvements in policy management, access recertification, entitlement management, and RBAC/ABAC strategy.
- 7+ years of hands-on experience in IAM, security architecture, identity governance, or cloud access control implementation.
- In-depth experience with IGA platforms like SailPoint IdentityNow/IIQ, Saviynt, or ForgeRock Identity Cloud in enterprise implementations.
- Demonstrated deployment or engineering experience with PAM/PIM solutions, such as any one or more of:
- Deep technical proficiency with:
- Experience conducting IAM audits, regulatory control mapping, and identity risk assessments in capital markets or investment banking. Preferred Certifications
- Identity Governance & Administration
- Privileged Access Management
- Security Architecture
- Cloud & Compliance
Key Responsibilities:
Required Skills & Experience
o CyberArk PAS/EPM/CPM
o BeyondTrust Password Safe
o Azure Privileged Identity Management & similar solutions
o Active Directory/Azure AD
o SSO/MFA/conditional access frameworks (Okta, Ping Identity, Microsoft Entra)
o Federation, provisioning connectors (SCIM, REST/SOAP APIs), and custom workflow orchestration
o SailPoint Certified IdentityNow/IIQ Engineer or Architect
o Saviynt Certified Implementation Specialist
o ForgeRock Identity Cloud Architect
o CyberArk Defender / Sentry / Guardian
o BeyondTrust Certified Administrator
o Microsoft SC-300 or AZ-500 (with PAM focus)
o CISSP (Certified Information Systems Security Professional)
o CISM (Certified Information Security Manager)
o AWS Security Specialty
Know more about DI: https://www.brillio.com/services-digital-infrastructure/
Know what it’s like to work and grow at Brillio: https://www.brillio.com/join-us/
Equal Employment Opportunity Declaration
Brillio is an equal opportunity employer to all, regardless of age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (includes pregnancy, childbirth, breastfeeding, and related medical conditions), and sexual orientation.
#LI-AY1
Similar Jobs
Rackspace Technology
Riyadh, Riyadh Province, Saudi Arabia (On-Site)
• 2 Weeks ago
Spaulding Ridge
Jaipur, Rajasthan, India (On-Site)
• 2 Weeks ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
Saviynt
El Segundo, California, United States (Hybrid)
• 9 Months ago
Salesforce
Hyderabad, Telangana, India (On-Site)
• 3 Days ago
Get notifed when new similar jobs are uploaded
Jobs in New York, United States
oportun
Gilroy, California, United States (On-Site)
• 1 Week ago
Apple
Seattle, Washington, United States (On-Site)
• 1 Month ago
Simcorp
New York, United States (Hybrid)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Similar Category Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
