Job Details
Lead IGA Security Architect
**Become a part of our caring community and help us put health first**
The Lead IGA Security Architect is the enterprise authority for Identity Governance & Administration (IGA) and serves as the strategic owner for how digital identities, access rights, and entitlements are governed across the organization. This role defines the architectural vision, standards, and integration patterns for the full identity ecosystem-with a particular emphasis on enterprise wide source application integrations, which are foundational to identity lifecycle automation, governance accuracy, and access risk reduction.
This position plays a mission critical role in ensuring that identity data from HRIS, ERP, directories, cloud platforms, and business applications is accurately ingested, normalized, and governed. The Lead IGA Security Architect operates with broad autonomy, advising executives, influencing strategic direction, collaborating with cross functional teams, and solving complex identity challenges that have material impact on security, compliance, and operational efficiency.
**Architectural Strategy & Leadership**
+ Define the enterprise IGA strategy, reference architecture, and multi?year roadmap.
+ Establish standards for identity lifecycle processes (joiner/mover/leaver), birthright access, provisioning/deprovisioning, and entitlement governance.
+ Lead architectural oversight of the IGA platform, ensuring scalability, reliability, and alignment with Zero Trust and broader cybersecurity strategy.
+ Provide expert guidance to senior leadership on identity governance maturity, risk, gaps, and required investments.
**Enterprise Source System & Application Integration Ownership**
+ Serve as the primary architect responsible for **all enterprise source system integrations** that supply identity, access, and entitlement data into the IGA ecosystem-including HRIS platforms, ERP systems, custom business applications, directories, cloud services, and SaaS platforms.
+ Develop integration patterns, data models, mapping standards, and authoritative source configurations that ensure **high?quality, accurate, and consistent identity data across the enterprise** .
+ Oversee the full lifecycle of integration design-from requirements gathering and data profiling to connector architecture, API development standards, SCIM usage, event?driven identity flows, and validation of downstream provisioning.
+ Ensure integration reliability, failover design, data quality checks, exception handling, and governance controls for all identity?related data pipelines.
+ Prioritize and manage integration onboarding at an enterprise scale, ensuring the IGA platform expands in pace with business, application, and cloud adoption.
+ Partner with application owners, HR, IT operations, and engineering teams to ensure integrations meet compliance, risk, and architectural requirements.
**Identity Governance Design & Engineering**
+ Architect enterprise RBAC, ABAC, and policy?based access models.
+ Design access certification frameworks, segregation?of?duties controls, and entitlement governance standards.
+ Oversee provisioning workflows, connector logic, identity data transformation, and workflow automation.
+ Ensure identity policies are aligned with regulatory and audit requirements.
**Compliance, Audit, & Risk Management**
+ Ensure identity governance practices support SOX, HIPAA, PCI, ISO 27001, NIST, and internal controls requirements.
+ Develop identity governance controls that reduce audit findings and enhance entitlement hygiene.
+ Partner with Internal Audit and Risk to interpret regulatory expectations and translate them into IGA patterns and workflows.
**Use your skills to make an impact**
**Required Qualifications**
+ **SailPoint Certified IdentityNow Engineer certification** , demonstrating validated expertise in configuring, implementing, and supporting SailPoint Identity Security Cloud (ISC) solutions.
+ **5+ years of hands?on experience** in software engineering, identity implementation, or technical solution delivery, with the ability to design, build, and support identity and access?related systems.
+ **Direct, hands?on experience with SailPoint Identity Security Cloud (ISC)** , including configuration, integration, lifecycle workflows, and identity governance capabilities.
+ **Experience supporting enterprise customers or internal stakeholders** , including leading implementations, managing platform maturity, and driving successful outcomes through structured reviews or engagement cycles.
+ **Strong background in developing tools, utilities, or automation** to support application onboarding, data migration, bulk import/export processes, or publishing workflows.
+ **Proficiency with system and application integrations** , including working with APIs, data mapping, and connector or integration?focused engineering.
+ **Experience managing code repositories and version?control processes** , including repository governance, build/publish workflows, or application/package oversight.
+ **Ability to serve as the primary owner for internal systems or operational technologies** , demonstrating accountability for system reliability, support, and cross?team collaboration.
+ **Strong independent problem?solving ability** , including analyzing complex technical challenges and determining appropriate architectural or engineering solutions with minimal oversight.
+ **Excellent written and verbal communication skills** , with the ability to collaborate effectively across engineering, operations, and business teams and translate technical concepts into clear, actionable guidance.
**Preferred Qualifications**
+ Advanced hands?on experience with **SailPoint Identity Security Cloud (ISC)** , including complex connector development, custom workflows, policy configuration, and lifecycle orchestration.
+ Experience designing or implementing **IGA governance models** , including RBAC, ABAC, birthright access policies, access certification campaigns, and separation?of?duties controls.
+ Background building or architecting **enterprise?scale identity integrations** , including HR systems, ERP platforms, SaaS applications, and cloud environments such as Azure, AWS, or GCP.
+ Familiarity with **identity standards and protocols** such as SCIM, SAML, OAuth, OIDC, REST APIs, and event?driven patterns.
+ Experience leading technical design sessions, integration workshops, or architecture reviews with cross?functional teams.
+ Prior responsibility for establishing, governing, or optimizing **identity data models** , authoritative sources, and identity lifecycle processes.
+ Experience with **DevOps practices** related to identity platforms, including version control, CI/CD workflows, automated testing, or infrastructure?as?code related to IAM/IGA.
+ Professional certifications such as CISSP, CISM, Microsoft/Azure Security certifications, or SailPoint?specific certifications.
+ Demonstrated ability to mentor engineering staff and influence standards, best practices, and long?term architectural direction.
**Additional Information**
Remote/WAH requirements:
+ WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.
+ A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.
+ Satellite and Wireless Internet service is NOT allowed for this role.
+ A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information
Travel: While this is a remote position, occasional travel to Humana's offices for training or meetings may be required.
**Scheduled Weekly Hours**
40
**Pay Range**
The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.
$142,300 - $195,700 per year
This job is eligible for a bonus incentive plan. This incentive opportunity is based upon company and/or individual performance.
**Description of Benefits**
Humana, Inc. and its affiliated subsidiaries (collectively, "Humana") offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.
Application Deadline: 03-30-2026
**About us**
Humana Inc. (NYSE: HUM) is committed to putting health first - for our teammates, our customers and our company. Through our Humana insurance services and CenterWell healthcare services, we make it easier for the millions of people we serve to achieve their best health - delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare, Medicaid, families, individuals, military service personnel, and communities at large.
?
**Equal Opportunity Employer**
It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status. It is also the policy of Humana to take affirmative action, in compliance with Section 503 of the Rehabilitation Act and VEVRAA, to employ and to advance in employment individuals with disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.
Humana complies with all applicable federal civil rights laws and does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity or religion. We also provide free language interpreter services. See our https://www.humana.com/legal/accessibility-resources?source=Humana_Website.
The Lead IGA Security Architect is the enterprise authority for Identity Governance & Administration (IGA) and serves as the strategic owner for how digital identities, access rights, and entitlements are governed across the organization. This role defines the architectural vision, standards, and integration patterns for the full identity ecosystem-with a particular emphasis on enterprise wide source application integrations, which are foundational to identity lifecycle automation, governance accuracy, and access risk reduction.
This position plays a mission critical role in ensuring that identity data from HRIS, ERP, directories, cloud platforms, and business applications is accurately ingested, normalized, and governed. The Lead IGA Security Architect operates with broad autonomy, advising executives, influencing strategic direction, collaborating with cross functional teams, and solving complex identity challenges that have material impact on security, compliance, and operational efficiency.
**Architectural Strategy & Leadership**
+ Define the enterprise IGA strategy, reference architecture, and multi?year roadmap.
+ Establish standards for identity lifecycle processes (joiner/mover/leaver), birthright access, provisioning/deprovisioning, and entitlement governance.
+ Lead architectural oversight of the IGA platform, ensuring scalability, reliability, and alignment with Zero Trust and broader cybersecurity strategy.
+ Provide expert guidance to senior leadership on identity governance maturity, risk, gaps, and required investments.
**Enterprise Source System & Application Integration Ownership**
+ Serve as the primary architect responsible for **all enterprise source system integrations** that supply identity, access, and entitlement data into the IGA ecosystem-including HRIS platforms, ERP systems, custom business applications, directories, cloud services, and SaaS platforms.
+ Develop integration patterns, data models, mapping standards, and authoritative source configurations that ensure **high?quality, accurate, and consistent identity data across the enterprise** .
+ Oversee the full lifecycle of integration design-from requirements gathering and data profiling to connector architecture, API development standards, SCIM usage, event?driven identity flows, and validation of downstream provisioning.
+ Ensure integration reliability, failover design, data quality checks, exception handling, and governance controls for all identity?related data pipelines.
+ Prioritize and manage integration onboarding at an enterprise scale, ensuring the IGA platform expands in pace with business, application, and cloud adoption.
+ Partner with application owners, HR, IT operations, and engineering teams to ensure integrations meet compliance, risk, and architectural requirements.
**Identity Governance Design & Engineering**
+ Architect enterprise RBAC, ABAC, and policy?based access models.
+ Design access certification frameworks, segregation?of?duties controls, and entitlement governance standards.
+ Oversee provisioning workflows, connector logic, identity data transformation, and workflow automation.
+ Ensure identity policies are aligned with regulatory and audit requirements.
**Compliance, Audit, & Risk Management**
+ Ensure identity governance practices support SOX, HIPAA, PCI, ISO 27001, NIST, and internal controls requirements.
+ Develop identity governance controls that reduce audit findings and enhance entitlement hygiene.
+ Partner with Internal Audit and Risk to interpret regulatory expectations and translate them into IGA patterns and workflows.
**Use your skills to make an impact**
**Required Qualifications**
+ **SailPoint Certified IdentityNow Engineer certification** , demonstrating validated expertise in configuring, implementing, and supporting SailPoint Identity Security Cloud (ISC) solutions.
+ **5+ years of hands?on experience** in software engineering, identity implementation, or technical solution delivery, with the ability to design, build, and support identity and access?related systems.
+ **Direct, hands?on experience with SailPoint Identity Security Cloud (ISC)** , including configuration, integration, lifecycle workflows, and identity governance capabilities.
+ **Experience supporting enterprise customers or internal stakeholders** , including leading implementations, managing platform maturity, and driving successful outcomes through structured reviews or engagement cycles.
+ **Strong background in developing tools, utilities, or automation** to support application onboarding, data migration, bulk import/export processes, or publishing workflows.
+ **Proficiency with system and application integrations** , including working with APIs, data mapping, and connector or integration?focused engineering.
+ **Experience managing code repositories and version?control processes** , including repository governance, build/publish workflows, or application/package oversight.
+ **Ability to serve as the primary owner for internal systems or operational technologies** , demonstrating accountability for system reliability, support, and cross?team collaboration.
+ **Strong independent problem?solving ability** , including analyzing complex technical challenges and determining appropriate architectural or engineering solutions with minimal oversight.
+ **Excellent written and verbal communication skills** , with the ability to collaborate effectively across engineering, operations, and business teams and translate technical concepts into clear, actionable guidance.
**Preferred Qualifications**
+ Advanced hands?on experience with **SailPoint Identity Security Cloud (ISC)** , including complex connector development, custom workflows, policy configuration, and lifecycle orchestration.
+ Experience designing or implementing **IGA governance models** , including RBAC, ABAC, birthright access policies, access certification campaigns, and separation?of?duties controls.
+ Background building or architecting **enterprise?scale identity integrations** , including HR systems, ERP platforms, SaaS applications, and cloud environments such as Azure, AWS, or GCP.
+ Familiarity with **identity standards and protocols** such as SCIM, SAML, OAuth, OIDC, REST APIs, and event?driven patterns.
+ Experience leading technical design sessions, integration workshops, or architecture reviews with cross?functional teams.
+ Prior responsibility for establishing, governing, or optimizing **identity data models** , authoritative sources, and identity lifecycle processes.
+ Experience with **DevOps practices** related to identity platforms, including version control, CI/CD workflows, automated testing, or infrastructure?as?code related to IAM/IGA.
+ Professional certifications such as CISSP, CISM, Microsoft/Azure Security certifications, or SailPoint?specific certifications.
+ Demonstrated ability to mentor engineering staff and influence standards, best practices, and long?term architectural direction.
**Additional Information**
Remote/WAH requirements:
+ WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.
+ A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.
+ Satellite and Wireless Internet service is NOT allowed for this role.
+ A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information
Travel: While this is a remote position, occasional travel to Humana's offices for training or meetings may be required.
**Scheduled Weekly Hours**
40
**Pay Range**
The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.
$142,300 - $195,700 per year
This job is eligible for a bonus incentive plan. This incentive opportunity is based upon company and/or individual performance.
**Description of Benefits**
Humana, Inc. and its affiliated subsidiaries (collectively, "Humana") offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.
Application Deadline: 03-30-2026
**About us**
Humana Inc. (NYSE: HUM) is committed to putting health first - for our teammates, our customers and our company. Through our Humana insurance services and CenterWell healthcare services, we make it easier for the millions of people we serve to achieve their best health - delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare, Medicaid, families, individuals, military service personnel, and communities at large.
?
**Equal Opportunity Employer**
It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status. It is also the policy of Humana to take affirmative action, in compliance with Section 503 of the Rehabilitation Act and VEVRAA, to employ and to advance in employment individuals with disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.
Humana complies with all applicable federal civil rights laws and does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity or religion. We also provide free language interpreter services. See our https://www.humana.com/legal/accessibility-resources?source=Humana_Website.
Job #NLX289729840