Issa User
@issauser
Experienced Cloud Security Architect specializing in IAM and PAM solutions.
What I'm looking for
I am a Cloud Security Architect with over 9 years of experience in designing and implementing identity-first security architectures in enterprise cloud and hybrid environments. My specialization in IAM, PAM, and Zero Trust frameworks across AWS, Azure, and on-premises systems has enabled me to deliver secure, scalable, and automated access management solutions. I have a proven track record of bridging the gap between business needs and security imperatives, ensuring regulatory compliance while reducing insider risk.
Throughout my career, I have architected IAM integration frameworks for large organizations, deployed PAM solutions to secure privileged accounts, and automated identity lifecycle processes. My work has led to significant reductions in manual provisioning errors and security misconfigurations, as well as enhanced cloud security postures through the enforcement of least privilege access policies. I thrive in collaborative environments, partnering with DevOps teams to implement security controls that minimize risk exposure during critical operations.
Experience
Work history, roles, and key accomplishments
Cloud Security Architect
Ally Financial
Mar 2025 - Present (4 months)
Architected a secure and scalable IAM integration framework across AWS, Azure AD, and Okta, enabling unified access control for 25,000+ users across hybrid workloads. Deployed CyberArk PAM to secure over 1,200 privileged accounts across Windows, Linux, cloud, and DevOps environments, integrating session monitoring and automatic password rotations.
Senior Information Security Architect (IAM)
AMEXGBT
Aug 2019 - Feb 2025 (5 years 6 months)
Designed and managed Okta Identity Cloud implementation for SSO and MFA across 15+ enterprise apps, enabling 20,000+ users to securely access apps with consistent policies. Migrated legacy LDAP-based identity infrastructure to SailPoint IdentityIQ, resulting in 40% reduction in identity-related incidents and $200K in annual cost savings.
Security Design Engineer
Level 3 Communications / CenturyLink
Apr 2016 - Aug 2019 (3 years 4 months)
Implemented identity federation using Azure AD B2C and AWS Cognito, enabling secure SSO and user registration flows for external users and customers. Integrated multi-factor authentication (MFA) and passwordless login options into internal applications using SAML and WebAuthn/FIDO2 protocols.
IT Support Specialist
IPSA Services
Jan 2015 - Apr 2016 (1 year 3 months)
Supported IAM policy implementation, creating role templates and mapping user access for internal applications. Assisted in deploying Open Policy Agent (OPA) policies for enforcing consistent access decisions across APIs.
Education
Degrees, certifications, and relevant coursework
Western Governors University
Master of Science, Cybersecurity & Information Assurance
Completed a Master of Science degree focusing on advanced topics in cybersecurity and information assurance. Gained expertise in securing complex information systems and ensuring data integrity.
Western Governors University
Bachelor of Science, Network Operations & Security
Obtained a Bachelor of Science in Network Operations & Security, covering fundamental principles of network infrastructure and security protocols. Developed skills in managing and securing network environments.
Tech stack
Software and tools used professionally
Availability
Location
Authorized to work in
Job categories
Interested in hiring Issa?
You can contact Issa and 90k+ other talented remote workers on Himalayas.
Message IssaFind your dream job
Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
