Senior IAM Architect

Posted 8 Days Ago
Be an Early Applicant
2 Locations
In-Office or Remote
Senior level
Internet of Things • Software • Manufacturing
At Resideo, we create technology and smart solutions that integrate with our customers' lives.
The Role
Lead enterprise IAM architecture and roadmap across cloud, on‑prem, and hybrid environments. Design IGA, access management, PAM, non‑human identities, authentication/authorization (SSO/MFA, OAuth/OIDC, SAML, SCIM, LDAP), secrets management, lifecycle controls, risk remediation, and compliance (NIST/ISO/SOC2/GDPR). Partner with stakeholders, evaluate emerging identity tech, and guide platform integrations and delivery.
Summary Generated by Built In

We are seeking an Identity and Access Management (IAM) Architect to lead the design and evolution of our enterprise identity strategy. You will define how identities are securely managed, authenticated, and authorised across all environments—enabling a scalable, Zero Trust-aligned approach that protects the business while delivering a frictionless user experience. This is a high-impact role at the centre of our security and digital transformation journey.


JOB DUTIES:

  • Own the enterprise IAM architecture strategy, target state, and roadmap across cloud, on-premises, and hybrid environments, aligned to Zero Trust and security standards. 
  • Serve as the IAM technical authority and provide hands-on architectural leadership across infrastructure, cloud, and platform security initiatives. 
  • Design and document end-to-end IAM capabilities across IGA, access management, PAM, secrets, and non-human identities. 
  • Define integration patterns and reference architectures; evaluate build vs. buy and emerging IAM capabilities (e.g., passwordless, AI/agentic identities, decentralised identity) to deliver scalable services across applications, infrastructure, and DevOps tooling. 
  • Architect authentication and authorisation (SSO, MFA, RBAC/ABAC) and standardize protocols (OAuth2/OIDC, SAML, SCIM, LDAP). 
  • Lead IAM platform design and integration across cloud/hybrid (e.g., Microsoft Entra ID, Active Directory, SailPoint, PingFederate/Ping Identity, AWS IAM, CyberArk or equivalent). 
  • Define identity lifecycle controls (joiner/mover/leaver, provisioning, access certifications, and role/entitlement modeling). 
  • Identify IAM risks and architecture gaps; define constraints and mitigations, and drive remediation through roadmap and delivery items. 
  • Ensure IAM controls and integrations meet security and regulatory requirements (e.g., NIST SP 800-63, ISO 27001, SOC 2, GDPR) and support audit activities. 
  • Partner with business stakeholders to align IAM outcomes to enterprise objectives and communicate decisions and tradeoffs to senior leadership. 

 

YOU MUST HAVE:

  • Strong experience in the identity and access management, preferably at architecture level, however IAM Engineers seeking opportunities to advance to an architecture role will be considered 
  • Strong experience across core IAM domains: IGA (lifecycle, certifications), access management (SSO/MFA), Conditional Access, PAM, and non-human identity (workload/service identities), with hands-on-experience with one or more enterprise IAM platforms (e.g., Microsoft Entra ID/Azure AD, Okta, Ping, SailPoint) and integration across cloud/hybrid environments. 
  • Deep knowledge of authentication/authorisation patterns and protocols: OAuth 2.0/OIDC, SAML 2.0, SCIM, and LDAP/AD. 
  • Solid understanding of cloud IAM (AWS, Azure, and/or GCP), including identity federation and least-privilege design. 
  • Experience assessing IAM risks and security controls, defining mitigations, and supporting audits and compliance requirements (e.g., NIST/ISO). 
  • Strong analytical, problem-solving, and communication skills, with the ability to engage both technical and non-technical stakeholders effectively

  • Collaborative team player who adapts quickly to changing priorities while maintaining attention to detail

 

WE VALUE:

  • Proven ability to define IAM target state, reference architectures, standards, and multi-phase roadmaps aligned to Zero Trust. 
  • Experience with secrets management (e.g., HashiCorp Vault, AWS Secrets Manager, Azure Key Vault). 
  • Knowledge of DevSecOps practices and integrating IAM controls into CI/CD pipelines. 
  • Exposure to machine/workload identity federation (e.g., SPIFFE/SPIRE) and modern approaches to non-human identity. 

WHAT'S IN IT FOR YOU:

  • Funding provided to support your self-development 
  • Fully remote working model
  • Meal ticket for each day worked
  • Medical coverage to support your health and wellbeing
  • 26 days of vacation

 


#LI-AM3

#LI-REMOTE

About Us

Resideo Technologies has announced its intention to spin off ADI Global Distribution and establish it as a separate, publicly traded company. Under this plan, ADI will continue its role as a leading global wholesale distributor serving commercial and residential markets, while Resideo will retain its manufacturing and product-solutions business. Upon separation, both companies will operate independently to better serve their respective markets and customers. The spin-off is currently targeted for completion in the second half of 2026, subject to customary conditions.

Resideo is a $6.76 billion global manufacturer, developer, and distributor of technology-driven sensing and control solutions that help homeowners and businesses stay connected and in control of their comfort, security, energy use, and smart living. We focus on the professional channel, serving over 100,000 contractors, installers, dealers, and integrators across the HVAC, security, fire, electrical, and home comfort markets. Our products are found in more than 150 million residential and commercial spaces worldwide, with tens of millions of new devices sold annually. Trusted brands like Honeywell Home, First Alert, and Resideo power connected living for over 12.8 million customers through our Products & Solutions segment. Our ADI | Snap One segment spans 200+ stocking locations in 17 countries, offering a catalog of over 500,000 products from more than 1,000 manufacturers. With a global team of more than 14,000 employees, we offer the opportunity to make a real impact in a fast-growing, purpose-driven industry. Learn more at www.resideo.com.

At Resideo, we bring together diverse individuals to build the future of homes. Resideo is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status. For more information on applicable U.S. equal employment regulations, refer to the "EEO is the Law" poster, "EEO is the Law" Supplement Poster and the Pay Transparency Nondiscrimination Provision. Resideo complies with applicable equal employment laws in all countries where we do business. For more information on how we process your information in the job application process, please refer to Recruitment Privacy Notice. If you require a reasonable accommodation to apply for a job, please use Contact Us form for assistance.

Skills Required

  • Experience in identity and access management at architecture level or strong IAM engineering experience poised for architecture
  • Experience across IGA (lifecycle, certifications), access management (SSO/MFA), Conditional Access, PAM, and non-human identities
  • Hands-on experience with enterprise IAM platforms (Microsoft Entra ID/Azure AD, Okta, Ping, SailPoint) and cloud/hybrid integrations
  • Deep knowledge of authentication/authorization protocols: OAuth2/OIDC, SAML2.0, SCIM, LDAP/AD
  • Solid understanding of cloud IAM (AWS, Azure, and/or GCP), identity federation, and least-privilege design
  • Experience assessing IAM risks, defining mitigations, and supporting audits/compliance (NIST, ISO, SOC 2, GDPR)
  • Strong analytical, problem-solving, and communication skills; ability to engage technical and non-technical stakeholders
  • Collaborative, adaptable team player with attention to detail
  • Proven ability to define IAM target state, reference architectures, standards, and roadmaps aligned to Zero Trust
  • Experience with secrets management (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault)
  • Knowledge of DevSecOps practices and integrating IAM controls into CI/CD pipelines
  • Exposure to machine/workload identity federation (SPIFFE/SPIRE) and modern non-human identity approaches

Resideo Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Resideo and has not been reviewed or approved by Resideo.

  • Retirement Support Feedback suggests the retirement program features a standout employer match and access to an employee stock purchase plan. These elements add meaningful long-term value to total rewards.
  • Leave & Time Off Breadth Feedback suggests time off is generous in some salaried roles, with flexible or unlimited PTO alongside company holidays and parental leave. Actual usage appears to depend on team norms and manager support.
  • Healthcare Strength Feedback suggests medical, dental, and vision coverage are comprehensive, complemented by wellness resources and health savings options in some plans. This establishes a solid baseline of health support across many roles.

Resideo Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Scottsdale, AZ
14,000 Employees
Year Founded: 2018

What We Do

Resideo is a global leader in ensuring homeowners are safe, productive and comfortable in their homes. The company became an independent, publicly traded company in late 2018 as a result of Honeywell spinning off its Homes product portfolio and ADI Global Distribution businesses. Resideo’s mission is to provide its customers with integrated, simple solutions for today’s connected home.

Why Work With Us

Resideo puts people in charge of their home comfort, safety, security, and energy efficiency. We are also a top global distributor of security, fire, and low-voltage products. We work as a team of teams, where we all understand and work towards a common goal to solve challenges, serve our customers, and support the communities where we live.

Gallery

Gallery

Similar Jobs

Deepgram Logo Deepgram

Research Staff, LLMs

Artificial Intelligence • Machine Learning • Natural Language Processing • Software • Conversational AI
In-Office or Remote
49 Locations
150 Employees
150K-250K Annually

Deepgram Logo Deepgram

Account Executive

Artificial Intelligence • Machine Learning • Natural Language Processing • Software • Conversational AI
In-Office or Remote
28 Locations
150 Employees

Smartling Logo Smartling

Business Development Representative

Artificial Intelligence • Cloud • Information Technology • Machine Learning • Natural Language Processing • Software
Easy Apply
Remote
27 Locations
117 Employees

CrowdStrike Logo CrowdStrike

Senior Data Scientist

Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Remote or Hybrid
3 Locations
11000 Employees

Similar Companies Hiring

Legora Thumbnail
Artificial Intelligence • Legal Tech • Software
Chicago, Illinois
700 Employees
Hanover Park Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
42 Employees
Kepler  Thumbnail
Fintech • Software
New York, New York
6 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account