Who We Are
Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for ten consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit
What We Do
• *Remote Work Welcome**
We are seeking a highly skilled Senior IAM Security Architect to join our information security architecture team. This role requires deep expertise in the design, implementation, and management of IAM security controls, with a focus on identity protection across cloud environments. The ideal candidate will have a strong background in AWS, Azure, and Entra ID (formerly Azure AD), and possess at least 5 years of experience in IAM related security risk assessment and threat modeling. The Senior IAM Security Architect will be responsible for ensuring the secure and efficient designs for governance of user & non-human identities, access controls, and security policies within the organization. This role will also focus on establishing a Zero Trust identity posture, implementing behavioral risk assessments, and driving automation for identity security. Expertise in Single Sign-On (SSO), Multi-Factor Authentication (MFA), and modern authentication protocols is essential.
What You'll Do:
• Participate in the design of secure IAM architectures across multiple platforms (AWS, Azure, Entra ID), ensuring all components align with best practices and organizational security requirements.
• Design security controls for IAM, including user authentication, authorization, role management, identity federation, and privilege management across cloud and hybrid environments.
• Establish and maintain a Zero Trust security model for IAM, ensuring that all access requests are continuously verified, regardless of location or network.
• Integrate Zero Trust principles with cloud-native security tools and IAM platforms (e.g., AWS, Azure, Entra ID) to ensure seamless, secure, and dynamic access control.
• Automate risk-based access controls and adaptive authentication based on behavioral signals, ensuring a dynamic response to security events.
• Establish and enforce least privilege access principles for all roles across cloud and on-prem environments, ensuring users only have the minimal access necessary to perform their job functions.
• Design and implement Just-in-Time (JIT) access control mechanisms to dynamically grant access based on user needs, significantly reducing standing permission sets.
• Design SSO solutions that provide seamless and secure access to enterprise applications, ensuring a frictionless user experience while maintaining high security standards.
• Lead the adoption of modern authentication protocols (e.g., OAuth 2.0, OpenID Connect, SAML) for secure, scalable, and standardized access management across applications and systems.
• Design MFA solutions to enhance authentication security, applying risk-based policies to ensure strong protection for sensitive data and critical resources.
• Develop and integrate IAM security controls with cloud platforms such as AWS, Azure, and Entra ID, ensuring secure access management across both public and hybrid cloud environments.
• Leverage native security features of cloud platforms (e.g., AWS IAM, Azure AD, Entra ID) to design scalable, secure, and automated IAM solutions.
• Lead the migration process from Hybrid Active Directory to Entra-ID based authentication to ensure minimal disruption and proper synchronization and federation across systems.
• Develop and maintain security governance frameworks for IAM, focusing on identity lifecycle management, role-based access control (RBAC), user provisioning, deprovisioning, and enforcement of least privilege.
• Ensure proper identity governance and access reviews are conducted regularly, documenting changes and exceptions as part of compliance audits.
• Collaborate with cross-functional teams, including application security, network security, infrastructure, and DevOps, to integrate IAM security best practices across systems and services.
• Stay up to date on the latest IAM trends, security threats, and technology advancements to continuously improve IAM practices and solutions.
• Implement security automation tools and workflows to improve efficiency and reduce manual efforts in identity management and access control.
What You'll Bring:
• Bachelor’s degree in computer science, Information Security, or related field