Identity and Access Management Architect

About Acrisure

A global fintech leader, Acrisure empowers millions of ambitious businesses and individuals with the right solutions to grow boldly forward. Bringing cutting-edge technology and top-tier human support together, we connect clients with customized solutions across a range of insurance, reinsurance, payroll, benefits, cybersecurity, mortgage services – and more. 

In the last twelve years, Acrisure has grown in revenue from $38 million to almost $5 billion and employs over 19,000 colleagues in more than 20 countries. Acrisure was built on entrepreneurial spirit. Prioritizing leadership, accountability, and collaboration, we equip our teams to work at the highest levels possible.

Job Summary:

We are seeking an experienced Identity and Access Management Architect to join our IAM initiatives within the Zero Trust Security framework. The ideal candidate will have a strong understanding of IAM principles, identity governance, automation, access controls and IAM tools. This role requires hands-on experience with Identity Governance and Administration (IGA) platforms, Privilege Access Management (PAM) solutions, Zero Trust Architecture, identity federation, RBAC, Just-In-Time Access, SOX compliance, and scripting/automation for process efficiency and security enhancements.

Responsibilities:

• Design, implement, and support IAM solutions with a focus on Identity Governance and Administration (IGA).
• Support PAM program to administer, control, and monitor privileged access.
• Ownership of defining and maintaining the enterprise-wide IAM architecture and roadmap, ensuring alignment with Zero Trust and broader security strategy.
• Responsibility for leading IAM governance and policy development, including access standards, SoD enforcement, and role design frameworks.
• Configure, implement, and support IGA platforms (e.g., Veza, SailPoint, Saviynt) for lifecycle management, access reviews, and role-based access controls.
• Develop/evaluate/optimize scripts (e.g., PowerShell, Python, Bash, Rest API, MS Graph, Docker CLI) to automate user provisioning, de-provisioning, job mover, reporting tasks, and other identity related activities.
• Experience designing advanced authentication and access models (passwordless, adaptive access, FIDO2/WebAuthn).
• Mentor and guide IAM engineers and project teams, providing architectural oversight and technical leadership.
• Define IAM metrics, reporting, and KPIs to measure access risk, compliance, and operational performance.
• Integrate IAM systems with HR, ITSM, directory services (e.g., Active Directory, LDAP), and cloud platforms (e.g., AWS, Azure AD).
• Collaborate with security, compliance, and application teams to align IAM strategies with business needs.
• Maintain documentation, runbooks, and system diagrams for IAM processes and tools.
• Stay current with IAM trends, tools, and security threats.

Requirements

• Strong knowledge of Zero Trust security principles and frameworks.
• Familiarity with IAM technologies (e.g., Identity Governance, Single Sign-On, Multi-Factor Authentication, PAM, etc.).
• In-depth knowledge of protocols like SAML, OAuth 2.0, OIDC, LDAP, and SCIM.
• Proficient in scripting languages such as PowerShell, Python, or Bash for automation tasks.
• Strong analytical skills for proactive problem solving with minimal oversight or direction.
• Excellent communication skills, with the ability to articulate complex security concepts to both technical and non-technical stakeholders.

Education and Experience:

• 7+ years of hands-on experience in Identity and Access Management with 3+ years in a senior architecture role.
• Experience with compliance standards such as NYDFS, SOX, HIPAA, and NIST.
• Experience in designing and implementing cloud IAM services (e.g., AWS IAM, Azure AD).
• Relevant certifications such as CISSP, CISM, or vendor-specific IAM certs (e.g., SailPoint Certified IdentityNow Engineer, CyberArk Defender).

#LI-CH1

Candidates should be comfortable with an on-site presence to support collaboration, team leadership, and cross-functional partnership.

Why Join Us:

At Acrisure, we’re building more than a business, we’re building a community where people can grow, thrive, and make an impact. Our benefits are designed to support every dimension of your life, from your health and finances to your family and future.

Making a lasting impact on the communities it serves, Acrisure has pledged more than $22 million through its partnerships with Corewell Health Helen DeVos Children's Hospital in Grand Rapids, Michigan, UPMC Children's Hospital in Pittsburgh, Pennsylvania and Blythedale Children's Hospital in Valhalla, New York.

Employee Benefits

We also offer our employees a comprehensive suite of benefits and perks, including:

• Physical Wellness: Comprehensive medical insurance, dental insurance, and vision insurance; life and disability insurance; fertility benefits; wellness resources; and paid sick time.

• Mental Wellness: Generous paid time off and holidays; Employee Assistance Program (EAP); and a complimentary Calm app subscription.

• Financial Wellness: Immediate vesting in a 401(k) plan; Health Savings Account (HSA) and Flexible Spending Account (FSA) options; commuter benefits; and employee discount programs.

• Family Care: Paid maternity leave and paid paternity leave (including for adoptive parents); legal plan options; and pet insurance coverage.

• … and so much more!

This list is not exhaustive of all available benefits. Eligibility and waiting periods may apply to certain offerings. Benefits may vary based on subsidiary entity and geographic location.

Acrisure is an Equal Opportunity Employer. We consider qualified applicants without regard to race, color, religion, sex, national origin, disability, or protected veteran status. Applicants may request reasonable accommodation by contacting [email protected].

California Residents: Learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy.

Recruitment Fraud: Please visit here to learn more about our Recruitment Fraud Notice.

Welcome, your new opportunity awaits you.