Lead Identity & Access Architect
United States
Full Time
1 week ago
No Visa Sponsorship
Key skills
Cyber SecurityNeo4jPythonPowerShellAIEntra IDActive DirectoryGitCommunicationZero Trust
About this role
Role Overview
- Lead hands-on discovery of Active Directory and Entra ID environments to uncover attack paths, shadow admins, and misconfigured GPOs.
- Identify the highest-impact choke points representing the majority of client risk and map findings to time-bound remediation steps with clear owners.
- Deliver executive briefings that translate technical findings into business impact, roadmaps, and Identity Risk Scorecards.
- Lead proof-of-remediation engagements for top findings and measure impact before broader rollout.
- Guide clients from reactive, password-based security toward enforced Zero Trust and least-privilege architectures.
- Identify and remediate risks from orphaned service principals, automated service accounts, and shadow AI agents.
- Build and maintain reusable automation and a Git-based playbook library using PowerShell, KQL, Python, and Neo4j/Cypher.
- Ensure alignment to NIST SP 800-53, CISA directives, FedRAMP, and CMMC; produce artifacts supporting audits and accreditations.
- Mentor pod engineers and support knowledge transfer across engagements.
- Perform all other duties as assigned.
Requirements
- Bachelor's degree in an IT-related field or equivalent experience.
- 12–15 years in cybersecurity consulting; 5+ years leading identity modernization engagements.
- Deep, hands-on experience with Microsoft's identity and security stack: Entra ID, Conditional Access, PIM, Defender for Identity, Sentinel, and Microsoft 365 Defender.
- Experience in U.S. Public Sector frameworks (NIST SP 800-207/800-53, FedRAMP, CMMC) highly desirable.
- Proficiency with Active Directory and Entra ID; working knowledge of BloodHound, PingCastle, and Purple Knight required.
- Fluency in PowerShell, KQL, Python, and Neo4j/Cypher.
- Ability to see an environment through an attacker's eyes and communicate risks clearly to executive stakeholders.
- Familiarity with common adversary tactics and structured threat modeling approaches.
- Strong written and verbal communication skills; able to translate technical findings into executive narratives.
- DevOps hygiene (Git, PRs, CI) and a product-oriented mindset toward automation.
Tech Stack
- Cyber Security
- Neo4j
- Python
Benefits
- Comprehensive Health, Dental, and Vision plans
- Premier 401k retirement plan with corporate matching and a 529 college saving plan
- Tax-advantaged Health Savings Account and Dependent Care Flexible Spending Account options
- Legal Resources
- Tailored Benefits to Suit Your Needs with our Flexible Options
- Generous work/life balance opportunities supported by a PTO bank, paid holidays, leave programs and additional flex time off
- Employee referral program
- Employee recognition, gift and reward program
- Tuition reimbursement for continuing education
- Remote or hybrid work options
- Engaging company events such as team building activities, annual awards and kick-off parties
- Health and wellness-focused activities
- Relaxation Spaces
- In-office gourmet coffee, tea, fresh fruit and healthy snacks
- Corporate GREEN approach – tracking energy consumption for reduction and purchasing only environmentally friendly products for our offices