IAM Architect (Entra ID-Focused) Hybrid in Plano

Req ID: 373981 

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a IAM Architect (Entra ID-Focused) Hybrid in Plano to join our team in Plano, Texas (US-TX), United States (US).

Senior IAM Architect with deep expertise in Microsoft Entra ID, leading enterprise identity architecture with a primary focus on cloud identity, conditional access, zero trust, and hybrid identity. Complements Entra ID leadership with strong experience in SailPoint, CyberArk, and PKI.

Role Summary:

The Senior IAM Architect is responsible for defining and delivering enterprise identity strategy with a primary focus on Microsoft Entra ID (Azure AD). This role will architect identity platforms, conditional access frameworks, and zero trust controls, while integrating SailPoint (IGA), CyberArk (PAM), and PKI services into a unified identity ecosystem.

The role partners with Security, Cloud, DevOps, and Application teams to ensure identity-first security, automation, and compliance, with Entra ID as the central control plane for workforce, application, and external identities.

Key Responsibilities:

Entra ID Architecture & Strategy (Primary Focus)

• Define and own the enterprise Entra ID architecture, including tenant design, identity governance, and security baselines.
• Design and implement Conditional Access policies, Zero Trust models, and identity protection controls.
• Architect hybrid identity solutions (Entra Connect, cloud sync) and identity lifecycle integration across on-prem and cloud.
• Lead SSO and federation strategy using SAML, OAuth, and OIDC across SaaS and custom applications.
• Design B2B and B2C identity solutions, including guest access governance and external identity management.
• Standardize role-based and attribute-based access models aligned to Entra ID capabilities.

Identity Governance & Administration (SailPoint)

• Integrate SailPoint with Entra ID for identity lifecycle management, provisioning, and certification campaigns.
• Design role models, entitlement mapping, and automated joiner/mover/leaver workflows.

Privileged Access Management (CyberArk)

• Align CyberArk PAM strategy with Entra ID, including privileged identity governance and least privilege enforcement.
• Design secure onboarding patterns for service accounts and privileged access workflows.

PKI and Identity Security Services

• Define PKI trust architecture and integrate certificate-based authentication with Entra ID.
• Lead certificate lifecycle automation for users, devices, and workloads.

Automation and Cloud Integration

• Drive automation of identity processes using SCIM, Graph API, and Infrastructure as Code (Terraform).
• Enable identity integration across Azure, AWS, and GCP using Entra ID as the identity provider.

Security, Risk, and Compliance

• Translate compliance and regulatory requirements into Entra ID controls and policies.
• Lead access reviews, audit readiness, and continuous monitoring of identity risks.

Leadership & Delivery

• Provide architectural leadership, design governance, and mentorship to IAM engineering teams.
• Partner with stakeholders to embed identity into enterprise cloud and application strategies.

Required Qualifications

• 10+ years of IAM experience with strong emphasis on Entra ID / Azure AD architecture and engineering.
• Demonstrated expertise in:
• Conditional Access, Identity Protection, and Zero Trust
• Hybrid identity (AD + Entra ID)
• Federation (SAML, OAuth, OIDC) and SSO integrations
• Hands-on experience integrating Entra ID with SailPoint and CyberArk.
• Strong understanding of identity lifecycle management and access governance.
• Experience with automation using PowerShell, Microsoft Graph API, Python, or Terraform.
• Working knowledge of PKI and certificate-based authentication.
• SIEM/Security monitoring tools experience

Preferred Qualifications

• Microsoft certifications: Azure/Entra Identity (SC-300 or equivalent)
• Experience with Zero Trust implementation frameworks
• Experience with Workday or HR-driven identity lifecycle integration
• Familiarity with cloud-native security and workload identity (Kubernetes, service principals, managed identities)

Soft Skills

• Strong communicator with the ability to translate complex identity concepts into business value
• Strategic thinker with hands-on technical depth in Entra ID
• Proven ability to drive identity transformation programs at scale

About NTT DATA

NTT DATA is a $30 billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world's leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. our consulting and Industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is a part of NTT Group, which invests over $3 billion each year in R&D.

Whenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client’s needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, https://us.nttdata.com/en/contact-us.

NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here.