Software Architect (Azure)

We are seeking a Software Architect with expertise in systems architecture to lead Azure-based identity and access management solutions.You will focus on migrating authentication from on-premises Active Directory to Microsoft Entra ID and strengthen your knowledge in Identity Governance and Administration tools such as SailPoint. This role offers the opportunity to influence architectural strategies and collaborate with diverse teams to secure and optimize access management across applications. Join us to shape the future of IAM architecture in the BeSEE region and drive innovation in cloud security. ResponsibilitiesOwn and maintain the Azure architectural vision and roadmap for the BeSEE region aligned with global IAM strategiesDefine target architecture and principles for Microsoft Entra ID, IGA, PAM, and access provisioningProvide architectural leadership across workstreams ensuring technical consistency in IAM designs and implementationsDesign solutions to replace legacy custom authorization mechanisms including those based on IGA Identity Service and replicated IGA database tablesDevelop migration strategies for applications managed through custom IGA profilesPropose and implement secure and compliant solutions for managing generic accounts across applicationsPerform technical inventory and mapping of legacy custom IGA components such as APIs, sync jobs, role logic, web services, and database jobsTranslate legacy entitlement logic into sustainable IGA constructs using SailPoint workflows and PAM entitlementsStandardize connector onboarding and provisioning processes through reusable design templates and onboarding kitsLead or guide the development of custom connectors using Java/Beanshell, PowerShell, SCIM, SAP JCo, and RESTReview provisioning workflows, access request logic, and birthright provisioning with detailed code analysisPackage IAM artefacts for CI/CD pipelines using tools like Azure DevOps and GitLab while promoting secure-by-design practicesCollaborate with Transformation Office, Program Managers, Security Architects, Engineers, and Business Leads for alignment and supportAdvise project teams on architectural decisions ensuring alignment with future-state architectureLead the definition of IAM solution blueprints, patterns, and guardrails to support scalable, secure, and compliant implementationsTranslate business and security requirements into architectural models and reference implementationsReview and validate solution designs from vendors and internal teamsIdentify architectural risks and dependencies and define mitigation strategies proactivelySupport architecture governance processes for IAM and contribute to key documentation such as diagrams, roadmaps, design standards, and integration principles RequirementsExperience of 5+ years in systems architecture with a focus on identity and access managementProven leadership experience in managing architectural roadmaps and cross-functional teamsBackground in migrating authentication systems from on-premises Active Directory to Microsoft Azure Entra IDSkills in designing and implementing IGA and PAM solutions, with familiarity in SailPoint workflowsCompetency in developing and reviewing custom connectors and provisioning workflowsKnowledge of CI/CD processes and tools, including Azure DevOps and GitLabUnderstanding of technical architecture governance and risk managementCapability to translate complex business and security requirements into technical architecturesAdvanced proficiency in English (B2+/C1) Nice to haveCertifications in Microsoft Azure or identity and access management domainsExpertise in custom connector development with Java, PowerShell, or SCIMExperience with SAP JCo integrationFamiliarity with secure-by-design principles in cloud environmentsBackground in implementing identity governance tools beyond SailPoint We offerFull access to cutting-edge tools and technologiesCompetitive compensation depending on experience and skillsAll-around Social package: professional & soft skills training, medical & family care programs, sportsFree English classesUnlimited access to LinkedIn learning solutionsContinuous experience exchange with experts and professionals worldwideFriendly team and comfortable working environmentEngineering, corporate, and social events within and outside the CompanyFlexible working scheduleOpportunities for self-realization EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.