IAM Architect
Start Date: ASAP
Contract Length: 6 Month Contract
Location / Remote Working: Fully Remote
Pay Rate: 550 – 650 CHF Per Day
Summary
Trust in SODA is collaborating with a global pharmaceutical company that is seeking an experienced IAM Architect with expertise in Active Directory (AD) and EntraID/Azure AD B2B and B2C to lead the strategic redesign and automation of its identity and access management infrastructure.
Essentials
* 8+ years of hands-on experience in designing and implementing Active Directory architecture for large-scale environments.
* In-depth expertise in AD security, automation, and management tools (e.g., AD Manager Plus).
* Proven experience addressing legacy IAM infrastructure challenges, particularly security vulnerabilities and scalability issues.
* Strong knowledge of GxP compliance, audit readiness, and industry standards for AD environments.
* Strong project leadership skills with experience overseeing end-to-end AD transformation projects.
* Certifications in Microsoft AD or related technologies (e.g., Microsoft Certified: Identity and Access Administrator) are preferred.
* Advanced knowledge in setting up disaster recovery solutions, including cross-site replication and failover, specifically for AD and Azure AD environments.
* Strong analytical and problem-solving skills, with the ability to make informed decisions quickly.
* Experience in a GxP-regulated environment is highly desirable.
* Familiarity with high-availability solutions and disaster recovery strategies for IAM environments.
Key Responsibilities
* Conduct a detailed assessment of the existing AD and EntraID/Azure AD environment, identifying gaps in scalability, security, data quality, and operational efficiency.
* Review and address security exposures from legacy configurations and weak protocols identified in recent penetration tests.
* Complete the gap analysis and deliver a strategic plan to address IAM vulnerabilities, scalability issues, and inefficiencies.
* Collaborate with internal stakeholders to understand business objectives, growth plans, and IAM-related pain points.
* Design a new, scalable architecture that integrates AD with Azure AD B2B and B2C capabilities, ensuring support for both internal and external identity management needs.
* Ensure the new architecture enhances security, mitigates risks, and improves operational resilience.
* Align the AD structure with business needs and regulatory requirements, ensuring compliance with industry standards and GxP.
* Strengthen security by eliminating weak protocols, improving access control, and implementing Multi-Factor Authentication (MFA) and Privileged Access Management (PAM).
* Reduce the organization's exposure to ransomware and other cyber threats by implementing resilient disaster recovery solutions for the AD and Azure AD environments.
* Implement automation solutions to streamline IAM processes across AD and Azure AD, including user provisioning, de-provisioning, and group management.
* Introduce/deploy real-time monitoring tools to track AD and EntraID system health, security, and performance, ensuring timely detection of issues.
* Establish clear procedures and standards, such as naming conventions, organizational unit (OU) structure, and Group Policy Object (GPO) management.
* Design the IAM environment to be future-proof, capable of supporting the organization's long-term growth and scalability.
* Ensure the IAM structure and tools are adaptable to support emerging business requirements and new technology integrations.
* Ensure the redesigned AD environment is resilient and supports business continuity in case of incidents or disasters.
* Achieve regulatory compliance (e.g., GxP, GDPR) and improve audit readiness to protect the company from potential fines and reputational damage.
* Design the IAM structure to be audit-friendly, providing clear traceability and control over user access and permissions.
* Collaborate closely with the IAM Engineer for Directory Services and the Microsoft Services Team to lead a thorough clean-up of legacy data within the AD environment.
* Drive initiatives to enhance AD data quality by implementing automation tools and standardizing processes.
* Ensure the removal of outdated user accounts, groups, and security settings to improve overall AD hygiene and maintain a secure, efficient directory structure.