Principal IAM Architect

Serving the People Who Serve the People

 

Granicus is driven by the excitement of building, implementing, and maintaining technology that is transforming the Govtech industry by bringing governments and its constituents together. We are on a mission to support our customers with meeting the needs of their communities and implementing our technology in ways that are equitable and inclusive. Granicus has consistently appeared on the GovTech 100 list over the past 5 years and has been recognized as the best companies to work on BuiltIn.

 

Over the last 25 years, we have served 5,500 federal, state, and local government agencies and more than 300 million citizen subscribers power an unmatched Subscriber Network that use our digital solutions to make the world a better place. With comprehensive cloud-based solutions for communications, government website design, meeting and agenda management software, records management, and digital services, Granicus empowers stronger relationships between government and residents across the U.S., U.K., Australia, New Zealand, and Canada. By simplifying interactions with residents, while disseminating critical information, Granicus brings governments closer to the people they serve—driving meaningful change for communities around the globe.

Want to know more? See more of what we do here.

We are seeking a seasoned, hands-on Principal Identity and Access Management Architect to lead the design, build and operationalization of our enterprise-wide Identity Governance & Access Management (IGAM) program. This role will be instrumental in advancing and strengthening our global identity foundation, enhancing lifecycle management, access governance, privileged access, and identity automation capabilities across our global operations.

 

 

• Define and own the target-state architecture, roadmap and technical strategy for identity lifecycle management, access governance, and privileged access within the enterprise.
• Lead the implementation of provisioning/deprovisioning workflows, role and entitlement models (RBAC/ABAC), integration with authoritative sources (HR, contractors), and service accounts.
• Design and implement identity platforms and toolsets (IGA, PAM, Identity Federation, SSO, SAML/OIDC, SCIM) across cloud (AWS/Azure/GCP) and on-premises environments.
• Drive identity governance activities including access certification campaigns, orphan account reconciliation, SoD controls, least-privilege enforcement and continuous improvement.
• Collaborate with security operations, compliance, architecture and DevSecOps teams to embed identity controls, monitor identity risk and ensure audit/regulatory readiness (SOC 2, ISO 27001, FedRAMP, GDPR).
• Lead hands-on technical delivery: scripting/APIs/infrastructure as code for identity automation, cloud directory services (Azure AD/Entra ID), Okta/SailPoint/ForgeRock or similar platforms.
• Serve as subject-matter expert (SME) in identity technologies, keep abreast of trends (Zero Trust, passwordless, CIAM) and translate business needs into identity solutions.
• Define and lead the architecture, roadmap and strategy for Identity Management, Governance, and Privileged Access
• Build or re-engineer identity lifecycle capabilities (on-boarding, off-boarding, provisioning/deprovisioning, access reviews, role/entitlement modelling)
• Integrate identity systems across cloud/hybrid/on-premises, including directories (AD/Azure AD/Entra ID), federation (SAML/OIDC/OAuth2), provisioning standards (SCIM), PAM (Privileged Access) tools.
• Embed identity governance & access review controls (IGA, SoD, least privilege) and support regulatory/compliance frameworks (SOX, PCI, GDPR, NIST, ISO)
• Lead technical teams (mentor engineers, lead design reviews) and collaborate with business, security, architecture stakeholders.
• Automate identity workflows using scripting/APIs

 

• Bachelor’s degree (Computer Science, Information Security, or related field) or equivalent experience.
• 7-15+ years of experience in IAM, identity engineering, security engineering; some years in leading/architecting, ideally with a global organization.
• Hands-on expertise with identity platforms (Okta, SailPoint, ForgeRock, Azure AD/Entra ID, CyberArk, etc) + protocols (SAML, OIDC, OAuth2, SCIM, LDAP).
• Proven experience building or transforming identity programs (lifecycle, governance, privileged access) from the ground up or major re-architectures.
• Experience with hybrid cloud/on-premises identity, multi-cloud (AWS/Azure/GCP) environments.
• Strong scripting/automation skills (PowerShell, Python, APIs)
• Excellent written and verbal communication skills
• Ability to demonstrate cross-functional leadership across all levels
• AI Enablement to enhance speed, automation, and transformation.
• Demonstrated ability to integrate, implement, or work with AI technologies, tools, or frameworks.
• Experience using AI tools (e.g., GitHub Copilot, etc.,) to improve development productivity.
• Stay updated on emerging trends in AI and actively integrate relevant tools or practices into workflows

Other Job Info

· Shift hours can be mainly 1st shift local time, with some meetings during US business hours, complimented with flexible scheduling

 

Don’t have all the skills/experience mentioned above? At Granicus, we are trying to build diverse, inclusive teams. We do not have degree requirements for most of our roles. If you don’t meet every requirement above but are excited to learn more, we encourage you to apply. We might just be able to find another role that could be a perfect fit!

 

Security and Privacy Requirements

• Responsible for Granicus information security by appropriately preserving the Confidentiality, Integrity, and Availability (CIA) of Granicus information assets in accordance with the company's information security program.
• Responsible for ensuring the data privacy of our employees and customers, their data, as well as taking all required privacy training in a timely manner, in accordance with company policies.

 

The Team

• We are a remote-first company with a globally distributed workforce across the United States, Canada, United Kingdom, India, Armenia, Australia, and New Zealand.

 

The Culture

• At Granicus, we are building a transparent, inclusive, and safe space for everyone who wants to be
  a part of our journey.
• A few culture highlights include – Employee Resource Groups to encourage diverse voices
• Coffee with Mark sessions – Our employees get to interact with our CEO on very important and
  sometimes difficult issues ranging from mental health to work-life balance and current affairs.
• Microsoft Teams communities focused on wellness, art, furbabies, family, parenting, and more.
• We bring in special guests from time to time to discuss issues that impact our employee
  population
  
  

The Impact

• We are proud to serve dynamic organizations around the globe that use our digital solutions to make the world a better place — quite literally. We have so many powerful success stories that illustrate how our solutions are impacting the world. See more of our impact here.

At Granicus, we offer a comprehensive and flexible benefits package designed to support your well-being, growth, and work-life balance.

Here’s what you can expect as a India-based team member:

Flexibility & Balance

• Paid Time Off– Take the time you need to rest, recharge, and live your life.
  
• Company-Wide Wellbeing Days – Paid days off to unplug and focus on your mental health.
  
• Work From Home Reimbursement – Support a productive home office environment.

Health & Wellness

• Private healthcare benefits - Comprehensive coverage for you and your family.
  
• On-Demand Mental Health Support – Access to Headspace and other wellness tools.
  
• Fitness Reimbursement & Cycle Program – Stay active, your way.
  
• Critical Illness and Life Insurance Benefits

Family & Future

• Paid Parental Leave - For both birthing and non-birthing parents.
  
• Pension plan with employer contributions

Growth & Recognition

• Online Learning Platforms – Fuel your professional development.
  
• Competitive Salary & Bonuses – Your contributions are valued and rewarded.