Senior IAM/ Security Architect

Role Overview: We are looking for a Senior IAM / Security Architect with extensive hands-on experience in designing and deploying enterprise identity solutions. The role focuses on delivering architecture recommendations for a platform that will handle Identity Provisioning for multiple smaller energy providers. This position requires a seasoned professional who can quickly understand a complex organizational and technical landscape and propose practical, implementable solutions. We are seeking a true practitioner, not someone in a learning role, with deep expertise in Microsoft Entra ID and security architecture. Key Responsibilities: • Define and deliver IAM architecture recommendations for a multi-client identity provisioning platform. • Review and assess existing processes, security risks, and compliance requirements in large enterprise environments. • Provide technical guidance on:• Microsoft Entra ID, including advanced integrations • Multi-tenant / multi-client IAM implementations • Identity lifecycle management, access governance, federation, and SSO • Security standards and compliance frameworks • Collaborate with PwC DE teams and actively participate in workshops. • Recommend best practices to ensure secure, scalable, and reliable IAM solutions. Required Experience: • 5–7+ years in IAM and Security Architecture roles. • Hands-on experience implementing Microsoft Entra ID (Azure AD) solutions. • Strong expertise in: • Identity Provisioning and automation of identity management • Securing and configuring Microsoft Cloud environments in enterprise settings • Identity protocols: SAML, OAuth, OIDC, SCIM • Experience with large-scale enterprise projects. • Ability to quickly analyze complex situations and provide clear architectural guidance. • High level of autonomy and experience working directly with clients. Preferred Qualifications: • Experience in the energy sector or multi-client/MSP environments. • Microsoft certifications such as SC‑300, SC‑100, AZ‑500. • Familiarity with PAM, IGA, or SIEM tools.