IAM Architect III – Identity Governance & Administration

Accountabilities & Responsibilities

• Architect and design IGA solutions that align with the organization's security policies, compliance requirements, and business objectives.
• Develop identity lifecycle management processes and procedures for managing the entire identity lifecycle, including provisioning, authorization, and de-provisioning.
• Define access control policies and enforce least privilege principles to ensure that users have appropriate access rights based on their roles and responsibilities.
• Provide technical leadership in the areas of identity and access management and ensure alignment with best practices and security standards.
• Applies analytical and detailed approaches in the resolution of problems of workflow, organization, and planning and directs and assists junior engineers in the application of system engineering principles to the solution of secure systems design problems.
• Strong problem-solving skills and the ability to compile, analyze complex issues and recommend effective solutions.
• Work with teams to perform security assessments and tool evaluations on all application onboarding and integration requirements based on optimal enterprise architecture and design.
• Conducts workshops and integrates solutions for Identity Management platform as developed by IAM architect.
• Collaborate with teams, including developers, engineers, and project managers, to deliver successful IGA implementations.
• Prepare comprehensive user documentation, including architecture diagrams, system configurations, and operational procedures. Generate reports on IAM system performance, compliance status, and security incidents.
• Collaborate with other IT teams, collaborators, and vendors to deliver effective IAM solutions. Provide technical guidance and mentorship to junior team members.

• 5+ years professional experience as an IAM Architect or similar role, designing and implementing enterprise-level IAM solutions.
• Solid understanding of IAM concepts, protocols, and technologies, including but not limited to identity provisioning, authentication, authorization, RBAC, SSO, and federation.
• Deep technical experience with Entra ID, Active Directory, SailPoint, Saviynt, and/or other related technologies.
• In-depth understanding of identity lifecycle management concepts and processes including account management, access governance, and access control is a must-have.
• Experience in Governance, Risk, Compliance and Sarbanes Oxley (SOX) Audit support.
• Understanding of industry frameworks and standards such as OAuth, SAML, OpenID Connect, and LDAP.
• Familiarity with cybersecurity principles and standard processes, including risk management, access controls, and secure coding.
• Strong analytical and problem-solving skills, with the ability to assess complex business requirements and translate them into practical IAM solutions.
• Relevant certifications such as CISSP, CISM, or vendor-specific IAM certifications are helpful.

McDonald’s is an equal opportunity employer committed to the diversity of our workforce. We promote an inclusive work environment that creates feel-good moments for everyone. McDonald’s provides reasonable accommodations to qualified individuals with disabilities as part of the application or hiring process or to perform the essential functions of their job. If you need assistance accessing or reading this job posting or otherwise feel you need an accommodation during the application or hiring process, please contact [email protected]. Reasonable accommodations will be determined on a case-by-case basis.

McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Nothing in this job posting or description should be construed as an offer or guarantee of employment.