Open to opportunities

Issa User

@issauser

Message

Experienced Cloud Security Architect specializing in IAM and PAM solutions.

United States

Message

What I'm looking for

I seek a role that fosters innovation in cloud security and IAM, with opportunities for professional growth and collaboration.

I am a Cloud Security Architect with over 9 years of experience in designing and implementing identity-first security architectures in enterprise cloud and hybrid environments. My specialization in IAM, PAM, and Zero Trust frameworks across AWS, Azure, and on-premises systems has enabled me to deliver secure, scalable, and automated access management solutions. I have a proven track record of bridging the gap between business needs and security imperatives, ensuring regulatory compliance while reducing insider risk.

Throughout my career, I have architected IAM integration frameworks for large organizations, deployed PAM solutions to secure privileged accounts, and automated identity lifecycle processes. My work has led to significant reductions in manual provisioning errors and security misconfigurations, as well as enhanced cloud security postures through the enforcement of least privilege access policies. I thrive in collaborative environments, partnering with DevOps teams to implement security controls that minimize risk exposure during critical operations.

Experience

Work history, roles, and key accomplishments

Current

Cloud Security Architect

Current

Ally Financial

Mar 2025 - Present (4 months)

Architected a secure and scalable IAM integration framework across AWS, Azure AD, and Okta, enabling unified access control for 25,000+ users across hybrid workloads. Deployed CyberArk PAM to secure over 1,200 privileged accounts across Windows, Linux, cloud, and DevOps environments, integrating session monitoring and automatic password rotations.

AWS Azure AD Okta Terraform Sailpoint ServiceNow FIDO2 SOX GDPR

Senior Information Security Architect (IAM)

AMEXGBT

Aug 2019 - Feb 2025 (5 years 6 months)

Designed and managed Okta Identity Cloud implementation for SSO and MFA across 15+ enterprise apps, enabling 20,000+ users to securely access apps with consistent policies. Migrated legacy LDAP-based identity infrastructure to SailPoint IdentityIQ, resulting in 40% reduction in identity-related incidents and $200K in annual cost savings.

Okta OAuth 2.0 Python PowerShell Azure AD

Security Design Engineer

Level 3 Communications / CenturyLink

Apr 2016 - Aug 2019 (3 years 4 months)

Implemented identity federation using Azure AD B2C and AWS Cognito, enabling secure SSO and user registration flows for external users and customers. Integrated multi-factor authentication (MFA) and passwordless login options into internal applications using SAML and WebAuthn/FIDO2 protocols.

Cognito MFA SAML WebAuthn PAM Python Agile

IT Support Specialist

IPSA Services

Jan 2015 - Apr 2016 (1 year 3 months)

Supported IAM policy implementation, creating role templates and mapping user access for internal applications. Assisted in deploying Open Policy Agent (OPA) policies for enforcing consistent access decisions across APIs.

IAM Open Policy Agent)Python Salesforce Box SSO

Education

Degrees, certifications, and relevant coursework

Western Governors University

Master of Science, Cybersecurity & Information Assurance

Completed a Master of Science degree focusing on advanced topics in cybersecurity and information assurance. Gained expertise in securing complex information systems and ensuring data integrity.

Western Governors University

Bachelor of Science, Network Operations & Security

Obtained a Bachelor of Science in Network Operations & Security, covering fundamental principles of network infrastructure and security protocols. Developed skills in managing and securing network environments.