SailPoint IDAM Solution Architect (Outside IR35)

Role Overview

The SailPoint Solution Architect will provide strategic leadership, enterprise architecture, and security governance for the organisation's Identity and Access Management (IdAM) transformation, with SailPoint IdentityNow as the central platform.

This role combines solution architecture and security architecture responsibilities - ensuring that SailPoint deployments are secure, compliant, scalable, and effectively integrated with priority enterprise systems, including Oracle Fusion, Campus Solutions, Oncall CRM, and OpenText ILM, as well as Azure cloud services and DUO Security for MFA.

The architect will be accountable for defining the long-term IAM strategy, designing the target-state architecture, leading integration design and delivery, embedding security controls, and ensuring regulatory and compliance alignment (GDPR, ISO 27001, WCAG 2.2).

Requirements

Key Responsibilities

1. Strategic & Architectural Leadership

• Define the enterprise IAM strategy, multi-year roadmap, and target operating model for SailPoint.
• Produce and maintain the target state architecture for identity, access, and governance services.
• Develop and enforce IAM architectural standards, security controls, and integration patterns.
• Ensure designs are scalable, secure, and adaptable to organisational and regulatory needs.
• Lead architecture governance forums, risk reviews, and design sign-off processes.

2. Solution Design & Integration

• Architect SailPoint IdentityNow integrations with:
• Oracle Fusion (Payroll)
• Campus Solutions (Student Record System)
• Oncall CRM (for third parties and visiting academics)
• OpenText ILM
• Azure AD (Identity Provider) and DUO Security (MFA)
• Design ARM module configurations to enforce Segregation of Duties (SoD) policies and deliver comprehensive reporting.
• Integrate SailPoint with security solutions such as Privileged Access Management (PAM) for enhanced access control.
• Define RBAC models, identity life cycle processes, and access governance standards.

3. Security Architecture & Compliance

• Lead security-by-design for all SailPoint deployments.
• Conduct threat modelling, risk assessments, and security impact analyses for IAM solutions.
• Establish and enforce IAM security policies, authentication and authorization models, and encryption standards.
• Ensure solutions comply with applicable security frameworks (GDPR, ISO 27001, HIPAA if applicable, WCAG 2.2).
• Collaborate with compliance teams to maintain regulatory alignment and provide audit evidence.
• Continuously monitor for vulnerabilities and define mitigation strategies.

4. Roadmap & Delivery Oversight

• Translate strategic goals into phased delivery plans for IAM services.
• Oversee solution delivery across internal teams and external partners, ensuring alignment with architecture and security principles.
• Support capability building in internal teams for sustainable IAM operations.
• Validate and approve technical configurations, workflows, and customisations.

5. Stakeholder Engagement & Leadership

• Act as the primary IAM architectural authority, liaising with CIO, CISO, IT security, and business leadership .
• Present architecture, roadmap, and security strategies to technical and executive stakeholders.
• Mentor junior security and IAM team members, promoting best practices.

Must-Have Skills & Experience

• Extensive experience as a SailPoint Solution/Security Architect (IdentityNow, ARM module) covering strategy, architecture, security, and implementation .
• Proven track record in identity life cycle management, RBAC, SoD controls, and PAM integration.
• Experience integrating SailPoint with Oracle Fusion and PeopleSoft/Campus Solutions .
• Deep knowledge of SSO protocols (SAML2, OIDC) and integration with Azure AD and MFA tools (eg, DUO Security).
• Strong understanding of IAM security architecture, governance, and compliance frameworks (GDPR, ISO 27001, WCAG 2.2).
• Skilled in threat modelling, risk assessment, and vulnerability management for IAM systems.

Good-to-Have Skills

• Experience in higher education or public sector environments.
• Familiarity with other IAM platforms, directory services, and security tooling.
• Knowledge of cloud security architectures in Azure environments.
• Professional certifications such as CISSP, CISM, or relevant SailPoint certifications.