Identity & Access Management Architect III

Why You Should Apply for This Job

At Freeport-McMoRan, we are committed to providing an employment package that recognizes excellence, encourages safe production and a culture supported by our core values. Here, you'll find a collaborative environment where safety is a top priority, all opinions are valued, and people are empowered to grow in their career.

Apply Today!

Where You Will Work

Our global headquarters is in Phoenix, Arizona. Several hundred employees support global operations in finance, human resources, information technology, planning and more from the main office, satellite offices or online. As a Hybrid employee, you'll engage in virtual collaboration as well as attend in-person meetings at our Collaboration Hub in Phoenix or at one of our site locations.

The Collaboration Hub provides an open, flexible workspace for individuals and teams to come together for various business needs. Amenities at the Hub include a working café, phone booths and meeting rooms with technology tools for virtual and in-person collaboration. In-person attendance may vary based on the position and department requirements.

Phoenix is the capital of the Grand Canyon State and enjoys mostly bright skies throughout the year. It is the perfect place if you enjoy the outdoors, love sports, concerts and other big city amenities or technology. There are great neighborhoods around Phoenix, with easy access to a major city, nature, the arts and many more amenities.

What You Will Do

• Lead the strategy and implementation of enterprise identity architecture across key domains, including Enterprise Identity Fabric, Microsoft Entra, Identity Governance & Administration, Agentic AI Security, Non‑Human Identity Management, and Identity Threat Detection & Response (ITDR).
• Collaborate with teams across Infrastructure, Enterprise Architecture, Security Operations, Applications, HRIS, and Compliance to develop AI‑secure, scalable patterns, standards, and multi‑year roadmaps that advance Zero Trust principles and support evolving business needs.
• Lead enterprise identity reference architecture across directories (AD/Entra), authentication and authorization, Conditional Access, federation (SAML/OIDC/OAuth), identity lifecycle management, and IGA.
• Develop and publish architecture principles, security patterns, and guardrails while ensuring alignment with Zero Trust and enterprise standards.
• Develop and maintain a 1-3 year Identity Security roadmap, including AD/Entra modernization, role engineering/RBAC, access reviews, workload and machine identity strategy, and ITDR automation.
• Prioritize initiatives and monitor KPIs to drive risk reduction and audit readiness.
• Translate business and security requirements into end‑to‑end solution designs spanning AD/Entra, IGA, and ITDR.
• Produce HLD/LLD documentation, data flow diagrams, trust boundaries, and control mappings.
• Provide design oversight through build, testing, and deployment, ensuring operational runbooks and SLAs are established.
• Define identity control objectives, metrics, and testing procedures, including joiner/mover/leaver processes, privileged access boundaries, access certification cycles, and passwordless adoption.
• Partner with Internal Audit and Compliance to ensure alignment with SOX and NIST CSF and support evidence collection.
• Facilitate architecture reviews and lead design workshops with Infrastructure, Cloud, Application, SOC, OT, and HRIS teams.
• Communicate architectural decisions clearly to both technical and executive audiences and advocate for modern identity practices (e.g., passkeys, B2B/external identities).
• Monitor identity threat landscapes and platform advancements to recommend continuous improvements, deprecations, and optimizations across the enterprise identity ecosystem.
• Perform additional responsibilities as assigned.

What You Bring

To be considered for this role, you must have:

• An Associates Degree and ten (10) years of experience in security systems technologies and ISACA, SANS, ISC (2), or CEH Certification or related security certification
• OR Bachelor's Degree in Information Systems or related field and eight (8) years of experience in security systems technologies
• OR Bachelor's Degree in Information Systems or related field and six (6) years of experience in security systems technologies and ISACA, SANS, ISC (2), or CEH Certification or related security certification
• OR Master's degree in Information Systems or related field and six (6) years of experience in security systems technologies
• OR Master's Degree in Information Systems or related field and five (5) years of experience in security systems technologies and ISACA, SANS, ISC (2), or CEH Certification or related security certification

You should also have hands-on experience in areas such as:

• Active Directory
• Entra Users, Groups, Policy & Access Management
• IGA platform
• Knowledge of CyberSecurity Zero Trust, least privilege access, and compliance frameworks (e.g., SOX, NIST CSF)
• Expertise in identity lifecycle, federation (SAML/OIDC/OAuth), Conditional Access, MFA/passwordless, and access reviews
• Understanding of Agentic AI and AI related Security Controls
• Understanding of workload/machine identity governance (managed identities, service accounts, certificates/secrets)
• Ability to create HLD/LLD, threat models, and control mappings; strong documentation and standards writing
• Ability to influence architecture decisions across distributed teams and communicate clearly to technical and non-technical stakeholders

Preferred Qualifications

• Experience with passkeys/passwordless, Verified ID/external identity, workload CA policies, and identity automation
• Exposure to SAP/HRIS authoritative data integrations and JML orchestration
• Certifications: Microsoft Identity/Entra, CISSP, CISM, or relevant IGA/ITDR certifications

What We Offer You

The estimated annual pay range for this role is currently $XX,XXX-$XX,XXX. This range reflects base salary only and does not include bonus payments, benefits or retirement contributions. Actual base pay is determined by experience, qualifications, skills and other job-related factors. This role is eligible for additional incentive compensation considerations based on company and individual performance. Additionally, this position is currently eligible for annual long-term incentive consideration. Long-term incentives are contingent upon authorized approval under the terms and conditions of the Companys plan and award agreements.

More details will be shared during the hiring process. Click here to view a sample of Total Rewards Estimate for this role.

Benefits

• Affordable medical, dental and vision benefits
• Company-paid life and disability insurance
• 401(k) plan with employer contribution/match
• Paid time off, paid sick time, holiday pay, parental leave
• Tuition Assistance
• Employee Assistance Program
• Discounted insurance plans for auto, home and pet
• Internal progression opportunities

Learn more about our competitive and comprehensive benefits package!

What We Require

Freeport-McMoRan promotes a drug/alcohol-free work environment using mandatory pre-employment drug testing as allowed by applicable laws. Equal Opportunity Employer

Please be advised Freeport-McMoRan will never request payment for job-related expenses from applicants. If you receive any suspicious emails, please disregard them, and report the incident to HRSC@fmi.com.