Take your engineering expertise to new heights by joining a team of exceptionally talented professionals and solidify your place among top performers in the industry.
As a Principal Cybersecurity Architect at JPMorgan Chase within the Cybersecurity and Tech Controls, you will lead the strategic design, implementation, and governance of enterprise-wide Identity and Access Management (IAM) solutions. The position demands extensive hands-on experience with leading IAM technologies, deep knowledge of security architecture, and a proven ability to drive cross-functional collaboration. This role is critical in ensuring the organization’s digital assets are protected through robust authentication, authorization, and risk management practices.
Job responsibilities
- Define and drive the IAM strategy, architecture, and roadmap to support business objectives and regulatory requirements.
- Architect, implement, and oversee large-scale IAM systems using tools such as Entra ID, ForgeRock, Ping, ADFS, SailPoint, Okta, Active Directory, and Veza.
- Lead the design and deployment of Public Key Infrastructure (PKI) solutions, including ACME protocol integration and certificate management.
- Conduct advanced threat modeling and risk assessments to identify vulnerabilities and recommend mitigation strategies.
- Develop and maintain comprehensive security architecture documentation, including IAM design patterns, technical standards, and best practices.
- Implement and manage IAM protocols and standards such as RBAC, OAuth2.0, SCIM, Authentication, WebAuthN, Authorization, OPA, and PBAC.
- Partner with engineering, application, infrastructure, and business teams to ensure IAM solutions are aligned with organizational goals and integrated seamlessly.
- Apply advanced security principles, including encryption, data security, and risk management, to all IAM solutions and processes.
- Stay abreast of emerging IAM technologies and security trends, recommending and implementing improvements to enhance security posture.
- Produce clear, detailed documentation and communicate complex technical concepts effectively to both technical and non-technical stakeholders.
Required qualifications, capabilities, and skills
- Formal training or certification on security concepts and 10+ years applied experience with a focus on IAM architecture and implementation.
- Demonstrated success in leading large-scale IAM projects in complex environments.
- Extensive hands-on experience with IAM tools: Entra ID, ForgeRock, Ping, ADFS, SailPoint, Okta, Active Directory, Veza.
- Strong background in PKI development and ACME protocol.
- Proficient in threat modeling and risk assessment methodologies.
- Deep understanding of encryption, data security, and risk management.
- Expertise in IAM principles: RBAC, OAuth2.0, SCIM, Authentication, WebAuthN, Authorization, OPA, PBAC.
- Proven ability to lead and influence cross-functional teams.
- Experience mentoring and guiding junior architects and engineers.
- Exceptional verbal and written communication skills.
- Strong documentation skills for technical and business audiences.
Preferred Qualifications, Capabilities, and Skills:
- Relevant certifications (e.g., CISSP, CISM, or vendor-specific IAM certifications)
- Strategic thinker with a proactive approach to problem-solving.
- Strong organizational and project management skills.
- Commitment to continuous learning and professional development.
#CTC