Infrastructure & Access Management Architect

  • Mayer Brown LLP
  • 06/07/2026
Full time Information Technology Telecommunications

Job Description

Responsibilities
  • Stay current with emerging IAM technologies such as passwordless authentication, decentralized identity frameworks, and adaptive access controls.
  • Collaborate with the Senior Architect Information Security and lead the implementation of identity governance automation, leveraging machine learning for anomaly detection and remediation.
  • Ensure seamless integration of multi factor authentication (MFA) with biometric and mobile device capabilities to improve both security and user experience.
  • Champion the adoption of identity threat detection and response (ITDR) solutions to proactively identify and mitigate identity based attacks.
  • Develop and maintain the firm's IAM architecture, including identity lifecycle, access governance, and privileged access controls.
  • Design secure authentication and authorization patterns (OpenID Connect, SAML, OAuth, Kerberos, LDAP) and in conjunction with the Platform Engineering team, Conditional Access policies aligned with Microsoft best practices.
  • Embed zero trust and least privilege principles across all privileged roles and enterprise applications.
  • Responsible for global firewall design and architecture.
  • Architect and enhance privileged access management (PAM) capabilities, including approval workflows and continuous monitoring.
  • Collaborate with Security to design Azure Policies and guardrails, supporting audit readiness and remediation (e.g., ISO 27001, ISO 22301).
  • Integrate IAM with HR, IT, and engineering systems to ensure policy driven access throughout the user lifecycle.
  • Oversee Conditional Access deployment, risk based authentication, and device/state signals.
  • Guide the operation and hardening of multi site Active Directory domains/forests and cloud identity components (Entra/Azure AD).
  • Align IAM with Firewall, Micro Segmentation, NDR, Remote Access, and Certificate Management strategies.
  • Assess IAM related vulnerabilities and design timely mitigations.
  • Establish and maintain reference architectures, design standards, runbooks, and documentation.
  • Participate in vendor governance, roadmap reviews, and security notifications.
  • Communicate architecture decisions to senior business and IT leaders; foster cross regional collaboration.
  • Track industry trends and recommend innovations to improve security and reduce complexity.
  • Perform other duties as assigned or required to meet Firm goals and objectives.
Qualifications
  • Bachelor's degree in Computer Science, Information Technology, or related field; equivalent experience considered.
  • Approx. 7-10 years in IAM/identity engineering/architecture within large or enterprise environments; 3+ years leading complex IAM design initiatives.
  • Prior global/large scale enterprise experience preferred.
  • Relevant industry certifications such as CISSP.
  • Microsoft Certified: Identity and Access Administrator Associate required.
  • Azure Cybersecurity Expert preferred.
  • Certified Identity and Access Manager (CIAM) highly desirable.
Technical Skills
  • Deep expertise in Microsoft identity and security across SaaS/PaaS, IAM, and Privileged Access domains; advanced Entra ID/Azure AD and on prem AD.
  • Strong command of SSO and authentication protocols: OpenID Connect, SAML, OAuth, Kerberos, LDAP.
  • Hands on RBAC design, entitlement management, and automated provisioning/de provisioning pipelines.
  • Proficiency with PowerShell and RESTful integrations for identity automation and compliance checks.
  • Familiarity with NDR and Micro Segmentation patterns; understanding of network topologies and their interplay with IAM.
  • Experience hardening infrastructure and monitoring for malware/unauthorized access in hybrid environments.
  • Exposure to Azure Policy and landing zone guardrails; Conditional Access at scale.
Performance Traits
  • Excellent written and verbal communication; able to explain complex identity concepts to diverse audiences.
  • Strong customer focus, initiative, and ability to operate under pressure with shifting priorities.
  • Collaborative across business analysts, developers, data teams, and security; resilient, agile mindset; commitment to process improvement and structured operational practices.
  • High discretion in handling sensitive information; willingness to challenge the status quo constructively.
  • Willingness to challenge the status quo.

We are happy to discuss any reasonable adjustments that individuals may require throughout the recruitment process and once they have joined the Firm.