Sr Enterprise Solution & Identity Solutions Architect

[Bhanu PK]

Title: Sr Enterprise Solution & Identity Solutions Architect

Location: Remote

 https://www.linkedin.com/in/bhanu-bhanu-18912b38a/

 Max taer $65 / hr on C2C 

About the role and what you'll be doing:

 

We are seeking a visionary architect who can design comprehensive, enterprise-scale security and identity solutions. This role will serve as the chief architect and strategic technical leader across our enterprise security, identity management, privileged access, print management, and workspace management ecosystems.

 

This position requires exceptional strategic thinking, architectural design expertise, and the ability to translate complex business requirements into scalable, secure technical solutions. You will own the architectural vision and standards for multiple enterprise platforms while providing technical leadership and governance.

 

Platform Scope:

CyberArk (Privileged Access Management)

RSA IGL & SecurID (Identity Governance & Multi-Factor Authentication)

UserLock (Session Management & Access Security)

PaperCut (Print Management & Document Security)

Ivanti User Workspace Manager (formerly AppSense - User Environment Management)

 

We want all new Associates to succeed in their roles at Ensono. That's why we've outlined the job requirements below. To be considered for this role, it's important that you meet all Required Qualifications. If you do not meet all of the Preferred Qualifications, we still encourage you to apply.

 

. Strategic Architecture & Design

Define and own the enterprise-wide target solution architectures for all security and identity platforms (on-premises, cloud, or hybrid)

Design comprehensive Zero Trust and "Least Privilege" security frameworks spanning privileged access, identity governance, session management, and workspace control

Create high-level and low-level architectural blueprints including:

Enterprise identity warehouses and data models for RSA IGL

Distributed Vault architectures and secure network zoning for CyberArk

Contextual access policies and MFA orchestration strategies for UserLock

Global print management infrastructures and secure print-release workflows for PaperCut

User workspace management integration patterns with Citrix/VDI environments

Design high-availability (HA), disaster recovery (DR), and business continuity solutions for all platforms ensuring 99.9%+ uptime

Develop cross-platform integration strategies ensuring seamless identity federation, Single Sign-On (SSO) workflows, and unified access policies across on-premise and cloud environments

 

2. Enterprise Security Strategy

Map security compliance frameworks (NIST, GDPR, HIPAA, PCI-DSS, SOX, Zero Trust) into technical architectural requirements

Define the "Least Privilege" roadmap and Zero Trust strategy for protecting:

Administrative accounts and service accounts

CI/CD pipelines and DevOps workflows

Remote workers and VPN access

Cloud resources and SaaS applications

Design automated joiner/mover/leaver (JML) processes and access certification campaigns aligned with governance policies

Create security controls and access policy frameworks for:

Session management based on context (location, time, device type, risk level)

Privileged account vaulting and credential rotation

Print security and document tracking

User environment lockdown and application control

 

3. Technical Leadership & Governance

Serve as the subject matter expert (SME) and technical authority during:

Security audits and compliance reviews

Incident response and security events

Vendor evaluations and technology selections

Executive briefings and board presentations

Establish architectural standards, design patterns, and best practices for all platforms

Lead architecture review boards and provide technical governance for implementation teams

Create and maintain enterprise architecture documentation including:

Conceptual, logical, and physical architecture diagrams

Data flow diagrams and integration maps

Security control matrices and risk assessments

Technology roadmaps and migration strategies

Conduct proof-of-concept (POC) evaluations for new technologies and capabilities

 

4. Solution Design & Integration Planning

Design complex integration patterns between platforms including:

CyberArk integration with SIEM platforms (Splunk, Microsoft Sentinel)

RSA IGL integration with enterprise applications (SAP, Oracle, Workday, ServiceNow)

UserLock integration with cloud identity providers and SSO systems

PaperCut integration with cloud storage and document management systems

Ivanti UWM integration with Citrix, VMware, and IAM platforms

Define API strategies and develop integration specifications for custom connectors

Design automation frameworks for:

Account lifecycle management and provisioning

Policy deployment and configuration management

Reporting and compliance auditing

Incident detection and response

Plan for scalability and performance across global, distributed environments

 

5. Stakeholder Management & Communication

Translate complex technical architectures into business value propositions for executive leadership

Lead cross-functional workshops with business units, security teams, compliance, and IT operations to gather requirements and build consensus

Present architectural proposals and design reviews to technical and non-technical audiences

Partner with vendor technical teams and participate in advisory boards

Mentor implementation engineers and provide technical guidance throughout project lifecycles

 

REQUIRED SKILLS & QUALIFICATIONS

Experience Requirements:

Overall Experience:

10+ years of hands-on experience in Identity & Access Management (IAM), Cybersecurity, or Enterprise IT Architecture

 

Architectural Expertise:

7+ years of experience in solution architecture and enterprise design, with at least 5+ years specifically focused on three or more of the following platforms:

CyberArk (Privileged Access Management)

RSA Governance & Lifecycle and/or RSA SecurID

UserLock (IS Decisions)

PaperCut MF/NG

Ivanti User Workspace Manager (AppSense)

Leadership Experience:

Proven track record leading enterprise-scale architectural initiatives

Experience serving as chief architect or lead architect on complex, multi-platform programs

Technical Skills:

Architecture & Design:

Expert-level knowledge of enterprise architecture frameworks (TOGAF, Zachman)

Deep understanding of security architecture principles and Zero Trust frameworks

Expertise in designing high-availability, fault-tolerant, and disaster recovery solutions

Strong knowledge of cloud architecture patterns (AWS, Azure, GCP)

Core Identity & Security:

Deep expertise in Active Directory (AD), LDAP, Azure AD/Entra ID, and federation protocols

Mastery of authentication protocols: Kerberos, NTLM, RADIUS, SAML 2.0, OAuth 2.0, OpenID Connect

Strong knowledge of PKI, TLS/SSL certificate management, and cryptographic standards

Understanding of SIEM, SOAR, and security analytics platforms

 

Technical Knowledge:

Proficiency in reading and reviewing code (PowerShell, Python, Java, JavaScript, SQL)

Deep understanding of Windows/Linux Server architecture and directory services

Knowledge of database architecture (SQL Server, Oracle, PostgreSQL)

Understanding of network security, segmentation, and secure communication protocols

Familiarity with DevOps practices, CI/CD pipelines, and infrastructure-as-code

 

Compliance & Risk:

Deep knowledge of regulatory frameworks: NIST, ISO 27001, GDPR, HIPAA, PCI-DSS, SOX

Experience conducting security risk assessments and threat modeling

Understanding of audit requirements and evidence collection

 

Leadership & Soft Skills:

Strategic Thinking: Ability to envision long-term technology roadmaps and align them with business objectives

Communication Excellence: Exceptional written and verbal communication skills; ability to present to C-level executives and technical teams alike

Stakeholder Management: Proven ability to build consensus among diverse stakeholders with competing priorities

Problem Solving: Advanced analytical and troubleshooting skills; ability to resolve complex architectural challenges

Mentorship: Experience mentoring junior architects and implementation engineers

Documentation: Excellent technical writing skills for creating comprehensive architecture documentation

 

PREFERRED CERTIFICATIONS

Platform-Specific Certifications:

CyberArk Guardian or Sentry level certification

CyberArk Certified Architect

RSA Certified Administrator (Governance & Lifecycle)

RSA Certified Administrator (SecurID Access)

IS Decisions UserLock Certified Professional

PaperCut MF Technical Certification

Ivanti Certified Administrator | UWM

Enterprise Architecture & Security Certifications:

CISSP (Certified Information Systems Security Professional) - Highly Preferred

TOGAF 9 Certified

SABSA Chartered Security Architect

CISM (Certified Information Security Manager)

CISA (Certified Information Systems Auditor)

Microsoft Certified: Identity and Access Administrator Associate

Microsoft Certified: Azure Solutions Architect Expert

AWS Certified Solutions Architect – Professional

CCSP (Certified Cloud Security Professional)

 

Additional Certifications:

ITIL Expert or ITIL 4 Managing Professional

Project Management Professional (PMP)

Certified in Risk and Information Systems Control (CRISC)