Lead Domain Security Architect (AI, Identity and Access Management)

Job Summary

Farmers is seeking a visionary and deeply experienced Lead Domain Security Architect to own, mature, and drive the strategy for our enterprise Identity and Access Management (IAM) solutions. This is a senior, individual contributor role responsible for helping to build and lead security architecture practice and architecting the future of how we manage identity to strengthen security, protect sensitive customer data, and enable a frictionless user experience. You will serve as the senior strategic advisor for all aspects of IAM, with a special focus on securing our critical data. The ideal candidate is a master of identity security who will leverage AI and modern architectural patterns to close security gaps, ensure regulatory compliance, and improve productivity through seamless and secure access.

(Farmers position title: Lead Domain Architect)

IAM Architecture & Practice Maturity

• Lead the development and maturation of the enterprise IAM architecture practice, establishing processes, mentoring team members, and elevating the firm’s overall identity security posture.
• Develop, maintain, and govern the enterprise IAM security architecture roadmap, covering Identity Governance and Administration (IGA), Privileged Access Management (PAM), Single Sign-On (SSO), and Multi-Factor Authentication (MFA).
• Define the strategy and conceptual architecture for modernizing our identity platforms, including the migration to next-generation IGA solutions and the evolution of our PAM capabilities.
• Create and champion reusable IAM security patterns, standards, and reference architectures for SaaS, cloud, and on-premise environments.
• Serve as the primary subject matter expert for IAM, providing strategic guidance on complex identity challenges related to M&A, divestitures, and hybrid cloud integration.

AI, Contact Center, and IVR Security

• Develop the strategic IAM security framework for our AI-driven customer interaction workloads, including the Contact Center as a Service (CCaaS) platform and conversational AI/IVR systems.
• Architect solutions that ensure the end-to-end protection of sensitive customer data (PII/PCI) ingested and processed by these platforms.
• Design secure authentication and authorization patterns for both customers and agents interacting with AI-driven services, leveraging technologies like adaptive MFA and biometrics where appropriate.
• Integrate IAM principles into the AI/ML ecosystem to enhance threat detection, user behavior analytics (UBA), and risk-based access controls.

Strategic Project & Program Alignment

• Provide strategic architectural guidance for critical enterprise transformations, ensuring IAM is a core enabler for cloud migrations, data center exits, and legacy system modernization.
• Develop high-level, conceptual architectures for major initiatives, ensuring solutions for identity governance, privileged access, and authentication are fundamentally secure and aligned with the enterprise strategy.
• Define how the IAM architecture supports the secure lifecycle of customer data, from capture in interaction platforms to its storage and use across the enterprise.

Governance, Risk & Compliance (GRC)

• Partner with GRC teams to translate regulatory requirements (e.g., SOX, CPRA, PCI-DSS, GDPR) into technical IAM strategies and architectural patterns, with a strong focus on protecting customer PII.
• Establish and govern IAM architectural standards to ensure compliance, simplify audits, and reduce enterprise risk.
• Drive and participate in security architecture governance processes for all identity-related initiatives.

What You'll Bring

• 6 years relevant experience in Domain Architecture required preferably in the delivery of single domain architecture solutions.
• Minimum 6 years of experience in cybersecurity, with at least 5 years in a senior or enterprise architect role with a primary focus on Identity and Access Management within a large, complex enterprise environment (insurance industry),  preferred.
• Proven experience developing enterprise-level IAM strategies, roadmaps, and conceptual architectures, preferred. 
• Demonstrable experience providing strategic guidance for large-scale IAM transformations, such as IGA or PAM implementations and migrations, preferred. 
• Strategic experience with the identity models of major cloud providers (AWS, Azure, or GCP), preferred. 
• Experience in the insurance industry or other highly regulated financial services environments, preferred. 
• Strategic experience in defining security architecture for AI/ML systems, preferred. 

Education You'll Need

• Bachelor's degree required. Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, preferred. 
• Master’s degree in a relevant technical or cybersecurity field, preferred. 
• One or more senior-level industry certifications, such as CISSP, CISM, CCSP, or TOGAF, preferred. 
• Relevant certifications in IAM or cloud platforms (e.g., SailPoint Certified Identity Professional, CyberArk Certified Delivery Engineer, cloud provider certifications), preferred. 

Technical Skills

• Identity & Access Management (IAM): Expert-level knowledge of IAM strategies and architectural models, including:
• IGA: SailPoint, Saviynt, or similar.
• PAM: CyberArk, Delinea, or similar.
• Authentication/Federation: Azure AD, Okta, Ping Identity; SAML, OAuth, OIDC.
• AI & Contact Center Security: Strong architectural knowledge of securing CCaaS platforms, conversational AI/IVR systems, and protecting sensitive data (PII/PCI) within customer interaction channels.
• Security Frameworks: Expert knowledge of industry-standard frameworks such as NIST CSF, ISO 27001, and CIS Controls as they apply to identity.
• Cloud Security: Deep understanding of cloud identity and access management patterns (CIEM) and native IAM controls in AWS, Azure, and GCP.
• Directory Services: Strong architectural knowledge of Active Directory, Azure Active Directory, and LDAP.

Additional Skills

• Strategic mindset with the ability to see the bigger picture and anticipate future identity challenges.
• Exceptional written and verbal communication skills, capable of influencing both technical and executive audiences.
• Ability to influence and collaborate with technical and non-technical stakeholders across all levels of the organization.
• Excellent analytical, problem-solving, and negotiation skills.
• High level of business acumen with a proven ability to balance security risks with business objectives.

Physical Actions

Physical Environment