Description: The IAM Lead Consultant / Architect is responsible for leading the design, architecture, and implementation of enterprise-grade Identity and Access Management (IAM) and Privileged Access Management (PAM) solutions across diverse environments within the APAC region. The role requires deep hands-on technical expertise, strong architecture design skills, and leadership in deploying IAM/PAM platforms such as SailPoint, Saviynt, Okta, CyberArk, Microsoft Entra ID, Ping, and BeyondTrust. The ideal candidate will act as a trusted technical advisor, guiding implementation teams and clients through end-to-end IAM transformation programs-covering requirements, solution design, integration, automation, and operations. The role demands technical excellence in identity lifecycle management, privileged account security, and access governance. Responsibilities: Lead design, architecture, and implementation of IAM/PAM solutions across hybrid and multi-cloud environments. Translate business and security requirements into scalable IAM architecture blueprints and technical roadmaps. Develop custom connectors, workflows, and automation scripts for provisioning, deprovisioning, and access reviews. Integrate IAM platforms with enterprise directories, HR systems, ticketing tools, and cloud applications. Design and enforce role-based access control (RBAC), attribute-based access control (ABAC), and segregation of duties (SoD) frameworks. Architect and implement privileged access vaulting, session management, and credential rotation using tools like CyberArk or BeyondTrust. Automate IAM operations using scripting (PowerShell, Python, REST APIs) and integrate with DevOps CI/CD pipelines. Conduct performance tuning, troubleshooting, and optimization of IAM/PAM deployments. Provide technical leadership and mentoring to delivery teams throughout project lifecycles. Support audits, risk assessments, and compliance initiatives aligned with ISO 27001:2022, NIST, and PDPA Malaysia requirements. Technical Expertise Strong hands-on expertise with leading IAM/PAM platforms such as SailPoint, Saviynt, Okta, Ping, CyberArk, Microsoft Entra ID, and BeyondTrust. Experience designing and implementing complex integrations with REST/SOAP APIs and modern authentication protocols (SAML, OAuth2, OpenID Connect). Proficiency in scripting and automation (Python, PowerShell, Bash) for IAM orchestration and DevOps pipeline integration. Deep understanding of directory services (Active Directory, LDAP, Azure AD) and identity federation technologies. Hands-on experience implementing Just-in-Time (JIT) access, password rotation, and privileged session management. Experience developing identity provisioning workflows, connectors, and policies for on-premises and cloud applications. Knowledge of cloud IAM capabilities on Azure, AWS, and Google Cloud. Strong understanding of Zero Trust Architecture, identity governance, and security compliance frameworks. Experience in architecting multi-tenant or large-scale IAM environments for enterprise clients in APAC. Qualifications: Bachelor's degree in computer science, Information Security, or related discipline. Minimum 8+ years of experience in IAM/PAM domain with at least 3 years in architecture or lead consulting role. Deep technical and architectural knowledge of at least two IAM/PAM products (SailPoint, Saviynt, CyberArk, Okta, Microsoft Entra ID, BeyondTrust, Ping). Professional certifications (preferred): Certified Identity and Access Manager (CIAM), CISSP, CISM, CRISC, CISA, ISO/IEC 27001:2022 Lead Auditor/Implementer. Product certifications (preferred): SailPoint Certified IdentityIQ Engineer, Saviynt Certified Professional, CyberArk Defender/Guardian, Okta Certified Consultant, Microsoft Certified: Identity and Access Administrator Associate. Exposure to DevOps methodologies, CI/CD pipelines, and API-based integrations for IAM deployments. Soft Skills Excellent analytical and problem-solving skills with strong attention to detail. Ability to lead technical discussions, architecture workshops, and client presentations with executive stakeholders. Strong written and verbal communication skills with the ability to document complex architectures clearly. Ability to mentor junior consultants and foster knowledge sharing across delivery teams. Proactive, self-motivated, and adaptable to fast-paced, multicultural environments. Ability to travel across APAC for project delivery and client engagements.
