IAM Architect

Define and implement IAM architecture strategies aligned with business and security objectives of our clients. Design scalable and secure identity solutions including authentication, authorization, identity lifecycle management, Customer Identity and access management (CIAM), and privileged access management (PAM). Serve as the technical authority for IAM tools and platforms (e.g., Azure AD, ADFS, SailPoint, Saviynt, Okta, CyberArk, Forgerock etc.). Lead the client project for integration of legacy and modern identity providers into a unified IAM framework. Develop strong architecture principles and guidelines including scalability, resilience, modularity, and security-by-design. Lead the deployment and configuration of IAM solutions for clients across cloud and on-premises environments. Provide IAM integration designs and architectural guidelines for new applications and services, including APIs, SSO, and federation protocols (SAML, OAuth, OpenID Connect). Conduct review IAM systems for performance, availability, and security. Drive the adoption of Authentication and Authorization reference architectures for existing, new and emerging IAM technologies. Develop and enforce IAM policies, standards, and best practices. Help our client to achieve compliance with regulatory requirements (e.g., GDPR, SOX, HIPAA) and internal security policies. Participate in enterprise architecture governance and contribute to strategic planning.

At PwC Switzerland, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We're part of a tech-forward, people-empowered network and help clients build, accelerate and sustain momentum across audit, assurance, tax, legal, workforce, deals and consulting.

• Bachelor's or Master's degree in Computer Science, Information Technology, Engineering, or a related field

• 8+ years of experience in IAM architecture and implementation

• Proven experience with IAM platforms such as SailPoint, ForgeRock, Okta, CyberArk, or similar.

• Strong understanding of directory services (Active Directory, LDAP), PKI, and identity federation.

• Understanding of cloud architectures and strategy (public, private, and hybrid).

• CISSP, CISM, or product vendor certifications is a plus

• Expertise in IAM protocols and standards (SAML, OAuth2, OpenID Connect, SCIM).

• Familiarity with cloud platforms (Azure, AWS, GCP) and hybrid identity models.

• Knowledge of Zero Trust Architecture and modern security frameworks.

• Experience with CI/CD pipelines and DevSecOps practices is a plus.

• Strong analytical and problem-solving skills.

• Excellent communication and stakeholder management abilities.

• Ability to work independently and lead cross-functional teams.

• High attention to detail and commitment to quality