Identity Access Management Architect - Remote


Job description

Most recently, Provision IAM has been growing its higher education footprint, bringing to market several identity and access management services. We are seeking a qualified individual with higher education experience to continue to grow our identity team and serve the needs of the community. 

Our team’s capabilities range from the highly creative to the extremely technical. While we each have varying backgrounds, we all share one common characteristic — passion for work which integrates seamlessly.

Provision IAM is a great place to work! We offer competitive salaries, an individualized networking and education budget, company-paid insurance benefits, IRA plan with company match, and more.

Headquartered in Cumberland, MD, we have an extended network of experts on our team who work in numerous states. We recognize the critical impact each employee creates in helping us, and our clients, achieve success.

At Provision IAM, we commit to equal employment opportunities, treating all individuals fairly regardless of race, religion, sexual orientation, national origin, political affiliation, disability, age, marital status, medical history, parental status, or genetic information.


We are seeking a highly skilled IAM Analyst with Higher Ed experience to join our team. In this role, you will be responsible for designing, implementing, and supporting identity and access management (IAM) solutions for our clients. You should have a strong technical background in IAM and be able to work collaboratively in a team-oriented environment.



  • Design, implement, and troubleshoot IAM solutions, including role-based access control (RBAC), attribute-based access control (ABAC), access request and certification, user lifecycle management processes, federation, authentication, authorization, multi-factor authentication (MFA), and single sign-on (SSO).

  • Configure and deploy IAM solutions using LDAP, SAML, OpenID Connect, OAuth 2.0, and other modern authentication methods.

  • Troubleshoot and resolve identity management related issues, including data aggregation, data management, credential provisioning and de-provisioning, access provisioning and de-provisioning, account claim, onboarding notifications, password management, enterprise authentication, and federation.

  • Develop, configure, and deploy design changes and enhancements to an IAM platform to meet business requirements.

  • Estimate task durations and project hours for deployment effort.

  • Provide feedback on project status, milestones, and risks.

  • Participate in Internet2, InCommon, and other gatherings of identity management leaders from other institutions.


  • Prior experience working in a higher education and research institution is a must.

  • 4+ years of experience in the identity and access management space.

  • Strong technical experience with IAM, including designing, implementing, and supporting IAM solutions.

  • Working knowledge or experience with one or more IGA solutions, such as midPoint, SailPoint IIQ or IdentityNow, Identity Automation RapidIdentity, Fischer Identity, Microsoft Identity Manager, etc.

  • Working knowledge or experience with one or more enterprise authentication and web access management solutions, such as Shibboleth, Azure, Okta, OneLogin, Ping, etc.

  • Familiarity with Internet2's InCommon Trusted Access Platform (TAP) Reference Architecture and solutions, such as midPoint, Grouper, Shibboleth, and COmanage.

  • Strong proficiency in XML and at least one of the following programming languages: Groovy, JavaScript, Java, Python, or C#.

  • Experience with relational databases such as SQL Server, PostgreSQL, and MySQL.

  • Experience with Microsoft Active Directory, Azure Active Directory, and LDAP directory services.

  • Exhibit excellent oral and written communication skills through presenting and expressing ideas and information effectively and concisely, appropriate for the audience.

  • Ability to demonstrate adaptability, teamwork, a commitment to collective success, and a strong work ethic.

Preferred Qualifications:

  • Hands-on technical experience configuring and administering midPoint.

  • Windows/Linux systems administration experience.

  • Open-source contributions.

  • Experience with deploying Java applications.

  • Experience with revision control tools, such as Git/GitHub, CVS, SVN.

  • Interest in DevOps, including tooling and automation.

  • Knowledge of software containerization, e.g., Docker containers, Kubernetes, or OpenShift.

Special consideration is given to candidates possessing information security certifications and project management experience.

The salary range is $85,000 to $110,000, commensurate with experience. At this time, we are only looking for candidates interested in full-time employment.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.