Sail Point Identity IQ Architect is responsible to design and lead compliant identity governance solutions for highly regulated sectors like pharmaceuticals, biotech, and medical devices, where systems must adhere to standards such as 21 CFR Part 11, EU Annex 11, GAMP 5, and data integrity principles (ALCOA+).
Role Scope
Sail Point Identity IQ Architect oversees the full lifecycle of IIQ implementations, from initial architecture to ongoing governance, ensuring all components support validated operations that minimize risks to product quality, patient safety, and regulatory audits.
They act as the primary technical authority, bridging IT security, quality assurance (QA), and business stakeholders to deliver scalable, audit-defensible IAM solutions.
Expectations include hands-on leadership in complex, multi-environment deployments (dev/test/prod) with zero-downtime strategies for production Gx P systems.
Core Responsibilities Solution Architecture : Design end-to-end IIQ architectures, including aggregation, provisioning/de-provisioning, certifications, role-based access control (RBAC), segregation of duties (So D), and compliance modules, optimized for Gx P workloads like LIMS, MES, ERP (SAP), and clinical trial systems. Gx P Compliance Leadership : Conduct risk assessments (FMEA), author validation master plans (VMP), and execute IQ/OQ/PQ protocols; ensure electronic signatures, audit trails, and change control align with FDA/EMA requirements. Integration Mastery : Build and validate connectors for directories (AD/LDAP/Azure AD), HR systems (Workday/Success Factors), ticketing (Service Now), and Gx P apps; implement Joiner-Mover-Leaver (JML) automations with failover mechanisms. Customization and Optimization : Develop advanced rules (Beanshell, Java, Velocity), workflows, forms, and APIs; performance-tune for high-volume environments (e.g., 100k+ identities); manage upgrades/patching with regression testing. Audit and Governance : Lead access reviews, remediation campaigns, and CAPA processes; prepare for inspections by generating compliant reports and defending configurations.
Team Leadership : Mentor engineers, conduct code reviews, and provide advisory support on SDLC artifacts (requirements, design specs, traceability matrices).
Required Qualifications Experience : 10+ years in IAM/IGA, with 7+ years architecting IIQ (8.x+ preferred); 5+ years in Gx P/pharma with proven validation deliveries.
Domain Expertise : Deep knowledge of identity lifecycle management, least privilege, and regulatory frameworks (HIPAA, GDPR in addition to Gx P).
Technical Proficiencies
Domain
Essential Skills and Tools
IIQ Core
Lifecycle Manager (LCM), Compliance Manager, Role Mining, Access Request, SOD Configurator; clustering, HSM integration
Development
Java 8+, Beanshell scripting, XML/XSLT, REST/SOAP APIs, SQL (Oracle/Postgre SQL), Power Shell
Infrastructure
App servers (Tomcat/JBoss), databases, Linux/Unix, cloud (AWS/Azure for hybrid Gx P)
Gx P-Specific
Validation tooling (HP ALM, Jira), risk management (GAMP categories), data integrity controls
Integrations
Connectors (JDBC, SAP, O365, Workday); SIEM (Splunk), PAM (Delinea/Cyber Ark)
Preferred Certifications and Soft Skills
Sail Point Certified IIQ Architect/Engineer; CISSP, CISM. Exceptional communication for executive briefings, QA negotiations, and global teams; proactive problem-solving in high-stakes audits.
