Jobs list
Contract
Feb. 17, 2026
Remote
IAM Architect
JOB ID
PLIAM2669
VISA STATUS
Only EU/CH Citizens
REMOTE OPTION
100%

Seeking a highly experienced IAM Architect with deep, hands on expertise in SailPoint IdentityIQ (IIQ) and strong architectural knowledge across the broader Identity & Access Management landscape, including Privileged Access Management (PAM), Active Directory (AD), and modern authentication/authorization ecosystems.
 
The IAM Architect will define, design, and drive end to end identity security architectures across the enterprise, discuss the road map with Client stakeholders, partnering with engineering, security, operations, cloud, and application teams of the client to ensure secure, scalable, and compliant IAM solutions. This role is both strategic and technical, balancing architectural oversight with hands-on solutioning in a highly dynamic customer landscape.
 

Job details:

  • Role:IAM Architect 
  • Full-time
  • remote
  • Start date: 23/02/2026
  • End date: 31/03/2028

 

Scope:

  • Lead the architecture, design, and roadmap for enterprise IAM capabilities with SailPoint IIQ as the core IGA platform.
  • Define IAM reference architectures, patterns, and reusable frameworks for identity lifecycle, access governance, and policy enforcement.
  • Develop architectural governance for IAM capabilities across IGA, PAM, AD, MFA/SSO, and Zero Trust models.
  • Provide architectural guidance for cloud (Azure/AWS) identity integrations and hybrid identity models.
  • SailPoint IdentityIQ Technical Leadership
  • Architect and oversee the implementation of IdentityIQ modules:
    –  Lifecycle Manager
    –  Access Certifications
    –  Compliance Manager
    –  Rule/Workflow development
    –  Custom connectors and plugin architecture
  • Design scalable models for:
    –  Identity correlation
    –  Account aggregation
    –  Role-based access control (RBAC)
    –  Access request workflows
    –  SoD policies and remediation
  • Guide engineering teams on best practices for connector development (REST, JDBC, AD, LDAP, SaaS systems).
  • Integration Architecture (PAM / AD / SSO / APIs)
  • Collaborate with PAM teams (CyberArk/Thycotic/BeyondTrust, etc.) to integrate privileged access flows with IGA.
  • Design and optimize AD identity architecture (OU structure, group strategy, delegation model).
  • Partner with SSO/MFA teams to align SailPoint with Azure AD/Entra ID, Okta, or Ping.
  • Create robust API integration patterns to onboard modern applications securely and consistently.
  • Security, Compliance & Risk Management
  • Ensure IAM architecture aligns with security controls, regulatory requirements, and audit expectations.
  • Establish access governance models, SoD frameworks, risk scoring, and policy-driven access.
  • Provide guidance during internal and external audits regarding IAM controls and design decisions.
  • DevOps, Automation & Continuous Improvement
  • Promote DevOps practices for IIQ:
    – CI/CD for configuration migration
    – Automated testing pipelines
    – Version-controlled identity configurations
  • Drive automation for provisioning, deprovisioning, certifications, and identity lifecycle operations.
  • Identify opportunities to modernize legacy identity services.
  • Act as the IAM technical authority across business, IT, and security stakeholders.
  • Translate business needs into secure, scalable IAM solutions.
  • Guide developers, engineers, and operations teams; create clear architectural documentation and standards.
  • Mentor teams on IAM best practices, future-state IAM maturity, and emerging technologies.

 

Skills:

  • Experience in integrating with JDBC, Active Directory, Exchange, SAP, ERP etc.
  • Contribute towards designing and implementing workflows.
  • Good programming skills in Java, J2EE, Bean Shell scripting, database etc.
  • Knowledge in web services, XML, SOAP and JMS.
  • Good to have experience in patch/version upgrades.
  • Must be able to communicate clearly with peers and supervisors.
  • Excellent verbal and written communication skills. Communicate with team lead and project manager to give status update both verbally and over emails.

 

SNI sp. z o.o. will process personal data for the purpose of the recruitment process in accordance with Data Privacy Policy. The data may also be stored and processed for future recruitment purposes, in accordance with the given consent.