IAM Architect

HCLTech is a global technology company, home to more than 227,000 people across 60 countries, delivering industry-leading capabilities centered around AI, digital, engineering, cloud and software, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology & Services, Semiconductor, Telecom and Media, Retail and CPG, Mobility and Public Services. Consolidated revenues as of 12 months ending March 2026 totaled $14.7B.

About the Role

We are seeking a skilled and proactive IAM Architect to join our Identity & Access Management team. You will play a key role in developing and implement the vision for IAM in Pandora through new enhancements to SailPoint ISC, improving current LCS processes, finding gaps in existing processes and new applications onboardings & integrations. This role will focus on the design, implementation, and operational support of identity and access management solutions, with a strong emphasis on SailPoint IdentityNow and Microsoft Entra ID.

Key Responsibilities

• Provide the vision for the IAM domain in Pandora that will focus to provide users with seamless and secure IAM experience.

• Contribute to the continuous improvement of IAM governance, policies, and documentation.

• Collaborate with HR, IT Security, and Infrastructure teams to align IAM capabilities with business needs.

• Implement, and maintain IAM solutions using SailPoint ISC and Microsoft Entra ID.

• Implement (develop) and manage Joiner-Mover-Leaver processes integrated with third party on-prem and cloud applications i.e. ServiceNow, HR SuccessFactors, and Active Directory.

• Configure and maintain identity lifecycle workflows, access requests, birthright roles, and recertification campaigns.

• Developing scripts Java BeanShell, PowerShell. Writing queries (platform based, database).

• Integrate IAM with internal systems and external applications using REST APIs, LDAP, SAML, and OAuth.

• Monitor and troubleshoot IAM services, ensuring high availability and performance.

• Support audits and compliance reporting by maintaining accurate identity records and access logs.

What is needed to succeed

• Proven experience in IAM architecture and implementation in complex enterprise environments.

• Deep expertise in SailPoint IdentityNow, Microsoft Entra ID (Azure AD), and Active Directory (on-prem).

• Strong understanding of identity lifecycle processes (Joiner, Mover, Leaver), RBAC, and authentication protocols (SAML, OAuth, OpenID Connect). Experience supporting a broad application landscape, including legacy systems and SaaS platforms.

• Demonstrated ability to improve user onboarding and authentication experiences.

• Excellent communication and stakeholder engagement skills.

• Fluency in English, both written and verbal.

• Certifications such as CISSP, Microsoft Certified: Identity and Access Administrator Associate, or SailPoint Certified Identity Security Engineer, as well as familiarity with compliance frameworks (e.g., GDPR, ISO 27001) would be great assets.

• Experience with CI/CD pipelines and DevSecOps practices is a plus.

What we offer:

• Life insurance

• Private medical care

• MultiSport Card

• Subsidies for glasses

• Subsidies for language courses

• Christmas and holiday bonuses