Principal IAM Solutions Architect

We believe in the power and joy of learning

At Cengage, our employees have a direct impact in helping students around the world discover the power and joy of learning. We are bonded by our shared purpose – driving innovation that helps millions of learners improve their lives and achieve their dreams through education.  

Cengage's portfolio of businesses supports student choice by providing a range of pathways that help learners achieve their goals and lead a choice-filled life.  

Our culture values inclusion, engagement, and discovery

Our business is driven by our strong culture, and we know that creating an inclusive workplace is absolutely essential to the success of our company and our learners, as well as our individual well-being. We recognize the value of diverse perspectives in everything we do, and strive to ensure employees of all levels and backgrounds feel empowered to voice their ideas and bring their authentic selves to work. We achieve these priorities through programs, benefits, and initiatives that are integrated into the fabric of how we work every day. To learn more, please see https://www.cengagegroup.com/about/inclusion-and-belonging/.  

What you'll do here:

At Cengage, you will have an exciting opportunity to build the future evolution of Identity and Access Management (IAM) for our global educational technology company! As the Principal IAM Solutions Architect, you will:

• Define and evolve enterprise IAM architecture that aligns with business needs across workforce identity, customer identity (CIAM), and partner ecosystems.

• Develop scalable reference architectures, build patterns, and standards.

• Ensure architectural decisions are effectively accomplished and adopted.

• Lead and actively participate in the delivery of SSO, MFA, passwordless authentication, identity lifecycle process automation, access models, and API-based integrations.

• Merge and map identities within systems to federate under one platform instance.

• Work with SaaS providers to define requirements and translate them into implementation results.

• Partner and collaborate with cross-functional teams to ensure clean, secure, and scalable implementations.

• Act as Lead and point of contact for sophisticated identity challenges and blocking issues, to include the retirement of legacy systems and federation of enterprise identity platforms.

• Plan and lead implementation efforts across IAM solutions covering Okta, Azure AD (Entra ID) and other supporting systems.

• Translate strategic priorities into practical execution plans with the Director of IAM.

• Mentor IAM Team Members through real-world problem-solving and building thinking.  

Abilities required for this role:

To thrive in this position, you will need:

• 10+ years of experience in IAM, security architecture or engineering

• Consistent record as an IAM architect who has successfully delivered scalable and sustainable implementations.

• Deep expertise in OAuth 2.0, OpenID Connect (OIDC), SAML, SCIM, LTI, authentication and authorization patterns, and identity lifecycle and governance models.

• Practical experience with performing work directly within IAM platforms such as Okta and Azure AD (MS Entra)

• Proven experience with executing work surrounding API integrations, distributed systems, and cloud environments (AWS, Azure, etc.).

• Practical experience working with observability tools such as Amplitude, Dynatrace or Splunk to analyze usage and error patterns to define better architecture.

• Deep expertise designing and architecting enterprise IAM applications using Java and the Spring ecosystem, including Spring Boot-based UI, REST services and legacy SOAP integrations, with clear ownership of application structure, scalability, security and evolution. Experience using nodejs, typescript, react and JaxRs is preferred.

• Demonstrated leadership across the full SDLC, including source control and CI/CD (Git/Stash/Jenkins) and work management (JIRA), with responsibility for setting engineering standards, deployment patterns and modernization strategies for critical identity platforms.

• Proven ability to leverage the Agile Project Management methodology to complete work.

• Ability to move fluidly between architecture build, technical deep dives, and execution support.

• Preferred experience in EdTech, SaaS, or high-scale consumer environments, crafting CIAM solutions at scale, familiarity with Zero Trust Architecture and any relevant certifications (CISSP, CISM, vendor-specific IAM).  

Join us in driving innovation and excellence in IAM at Cengage!  

Cengage is committed to working with broad talent pools to attract and hire strong and most qualified individuals. Our job applicants are considered regardless of any classification protected by applicable federal, state, provincial or local laws.  

Cengage is also committed to providing reasonable accommodations for qualified individuals with disabilities including during our job application process. If you are an applicant with a disability and require reasonable accommodation in our job application process, please contact us at [email protected].  

About Cengage

Cengage, a global education technology company serving millions of learners, provides affordable, quality digital products and services that equip students with the skills and competencies needed to be job ready. For more than 100 years, we have enabled the power and joy of learning with trusted, engaging content, and now, integrated digital platforms. We serve the higher education, workforce skills, secondary education, English language teaching and research markets worldwide. Through our scalable technology, including MindTap and Cengage Unlimited, we support all learners who seek to improve their lives and achieve their dreams through education.   

Compensation

At Cengage Group, we take great pride in our commitment to providing a comprehensive and rewarding Total Rewards package designed to support and empower our employees. Click here to learn more about our Total Rewards Philosophy.

The full base pay range has been provided for this position. Individual base pay will vary based on work schedule, qualifications, experience, internal equity, and geographic location.  Sales roles often incorporate a significant incentive compensation program beyond this base pay range.

In this position,  you will be eligible to participate in the company’s discretionary incentive bonus program.  This position's bonus target amount, which is not guaranteed and is dependent on individual performance and overall company results among other factors, is provided below.