Your Team Responsibilities
The Identity and Access Management (IAM) team builds and maintains a scalable platform that powers high-throughput, low-latency authentication and authorization services critical to our enterprise ecosystem. As an IAM Solutions Architect, you will collaborate closely with cross-functional stakeholders to design and deliver secure, efficient, and future-proof IAM solutions aligned with business needs. You will play a pivotal role in modernizing the IAM infrastructure, enhancing user experience through automation, and ensuring compliance through robust access controls.
Your Key Responsibilities
IAM Strategy & Solution Design
- Develop and execute strategies for managing digital identities and access permissions across the organization.
- Collaborate with cross-functional stakeholders to deliver scalable IAM solution designs that meet evolving business and compliance requirements.
- Keep pace with industry trends and emerging technologies to proactively enhance security and system architecture.
Access Management & Enforcement
- Build secure, high-throughput authentication mechanisms using modern protocols (e.g., OAuth2, OIDC, SAML).
- Define and enforce fine-grained access policies to ensure users have appropriate access to systems and data.
- Help evolve and modernize a complex access management schema that supports multiple lines of business and applications.
- Design and implement a modular access enforcement engine that supports future growth, scalability, and auditability.
User Lifecycle & Operational Excellence
- Manage the full lifecycle of user identities: creation, provisioning, modification, deactivation, and termination.
- Investigate and resolve incidents related to identity and access, ensuring minimal business disruption.
- Deliver custom self-service IAM tools to reduce manual support requests by 60% or more.
- Successfully decommission at least one legacy access control subsystem as part of platform modernization.
Team Collaboration & Leadership
- Foster a high-performing, collaborative engineering team with measurable improvements in delivery velocity, operational efficiency, and engagement.
Your Skills And Experience That Will Help You Excel
- 15+ years of engineering experience, with 5+ years focused on IAM systems or entitlement frameworks
- Proven ability to design and implement backend services from scratch, not just integrate or configure vendor platforms
- Strong coding skills in Go, Java, or Node.js, with recent, production-level contributions
- Deep understanding of authorization models (RBAC, ABAC, PBAC) and related protocols (OAuth2, OIDC, SAML)
- Experience with MongoDB, CI/CD pipelines, and REST-based microservices
- Solid experience with DevOps practices, including infrastructure automation, monitoring, and deployment (e.g., using Docker, Terraform, GitHub Actions, or Azure DevOps)
- Familiarity with compliance frameworks (e.g., SOX, NIST, GDPR) and how they impact IAM design
- Demonstrated leadership of engineering teams in Agile environments
Preferred Qualifications
- Experience with Auth0, Azure AD, or similar identity providers
- Strong familiarity with Open Policy Agent (OPA) or other policy-as-code tools
- Exposure to AI/ML for access behavior analytics or anomaly detection
- Experience implementing Zero Trust architectures, service mesh, or secure infrastructure IAM
- Comfort working across platform engineering, infrastructure, and product teams
About MSCI
What we offer you
- Transparent compensation schemes and comprehensive employee benefits, tailored to your location, ensuring your financial security, health, and overall wellbeing.
- Flexible working arrangements, advanced technology, and collaborative workspaces.
- A culture of high performance and innovation where we experiment with new ideas and take responsibility for achieving results.
- A global network of talented colleagues, who inspire, support, and share their expertise to innovate and deliver for our clients.
- Global Orientation program to kickstart your journey, followed by access to our Learning@MSCI platform, LinkedIn Learning Pro and tailored learning opportunities for ongoing skills development.
- Multi-directional career paths that offer professional growth and development through new challenges, internal mobility and expanded roles.
- We actively nurture an environment that builds a sense of inclusion belonging and connection, including eight Employee Resource Groups. All Abilities, Asian Support Network, Black Leadership Network, Climate Action Network, Hola! MSCI, Pride & Allies, Women in Tech, and Women’s Leadership Forum.
At MSCI we are passionate about what we do, and we are inspired by our purpose – to power better investment decisions. You’ll be part of an industry-leading network of creative, curious, and entrepreneurial pioneers. This is a space where you can challenge yourself, set new standards and perform beyond expectations for yourself, our clients, and our industry.
MSCI is a leading provider of critical decision support tools and services for the global investment community. With over 50 years of expertise in research, data, and technology, we power better investment decisions by enabling clients to understand and analyze key drivers of risk and return and confidently build more effective portfolios. We create industry-leading research-enhanced solutions that clients use to gain insight into and improve transparency across the investment process.
MSCI Inc. is an equal opportunity employer. It is the policy of the firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, gender, gender identity, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy (including unlawful discrimination on the basis of a legally protected parental leave), veteran status, or any other characteristic protected by law. MSCI is also committed to working with and providing reasonable accommodations to individuals with disabilities. If you are an individual with a disability and would like to request a reasonable accommodation for any part of the application process, please email
[email protected] and indicate the specifics of the assistance needed. Please note, this e-mail is intended only for individuals who are requesting a reasonable workplace accommodation; it is not intended for other inquiries.
