girl looking into her desktop
Back to search results

Senior Architect - Identity Management Services, Core Technology Infrastructure

Jersey City, New Jersey;

Job Description:

The Identity Management (IDM) Services organization is seeking a Senior Architect responsible for the strategy across all identity services, both current and future state, within the IDM portfolio and will participate in the high-level technical design across these services.

This is an individual contributor role, reporting directly to the IDM Services Executive. 

The individual work with the functional teams responsible for engineering services under the IDM Services Executive and partner with stakeholders in both our Technology Infrastructure Services (TIS) and Global Information Security (GIS) organizations on strategic initiatives.

Primary Responsibilities:

  • Develops and participates in technical design & strategy across all Identity Management services (existing & future state)
  • Understands at an expert level technical requirements for all IDM services including security and networking considerations
  • Unifies identity strategy for on premise identity solutions along with our cloud identity solutions
  • Works with each IDM functional manager and TIS/GIS partners to develop high-level designs
  • Researches and recommends new technologies and improvements which address enterprise gaps across the IDM portfolio
  • Ensures practical feasibility of technical solutions in accordance with GIS architecture standards
  • Understands how all IDM services tie together and impact to the enterprise, along with interdependencies on enterprise services
  • Participates in senior level audit engagements and discussions
  • Produces and showcases Identity strategy via diagrams and other materials presented to senior management
  • Identifies opportunities to streamline service offerings where there are technical capabilities overlap
  • Partners with key stakeholders in Global Information Security regarding vulnerability assessments and threat modeling for identity services
     

Required skills:

  • 10+ years developing and architecting identity management solutions
  • Deep technical experience of Active Directory with focus on security architecture and environment hardening
  • Experience architecting/engineering password vaulting solutions such as CyberArk, Hashicorp Secrets Vault, Thycotic Secret Server, etc.
  • Experience architecting/engineering privileged access tools such as PowerBroker and Active Roles Server
  • Experience architecting/engineering Microsoft identity management solutions such as FIM/MIM (Forefront/Microsoft Identity Manager) and SSGM (Self Service Group Management)/SSPM (Self Service Password Management)
  • Experience architecting/engineering cloud identity solutions such as Microsoft Azure ADconnect and integration with other cloud provides such as Amazon, Google, etc.
  • Advanced security prowess with identity management solutions (latest security threats/trends and mitigation thereof)
  • Experience with best practices for identity management disaster recovery
  • Strong working knowledge of Windows/*NIX operating systems platforms, DNS, networks, DMZs, firewalls, network security zones, etc.
  • Deep, in-depth working knowledge of Kerberos (Microsoft and MIT/Heimdal) and NTLM authentication
  • Working experience with MFA, SSO and federation technologies
  • Strong knowledge of LDAP protocol
  • Experience with non-Windows integration with Active Directory (Vintela VAS integration, RedHat IdM, etc.)
  • Working knowledge of Certificate/CA/PKI infrastructure
  • Experience and confidence to be the senior architect for all IDM identity services in a very large/complex environment
  • Excellent communication skills, including experience effectively communicating technical challenges and solutions to peers, customers and senior management

Desired Skills:

  • Experience with Microsoft’s Enhanced Security Architecture Environment (ESAE) -  “Red/Bastion/Admin” forest design; including JIT (just in time) & JEA (just enough administration) concepts; Microsoft PAM (Privileged Access Manager)
  • Red Team assessment, exposure and interaction
  • Knowledge of threat analytics tools
  • Scripting/programming knowledge (PowerShell, Python, C#, VBscript, Javascript, Perl)
  • Knowledge of database platforms
  • Unix/Linux skills

    Core Technology Infrastructure Organization:

    • Is committed to building a workplace where every employee is welcomed and given the support and resources to perform their jobs successfully.
    • Wants to be a great place for people to work and strive to create an environment where all employees have the opportunity to achieve their goals.
    • Believes diversity makes us stronger so we can reflect, connect and meet the diverse needs of our clients and employees around the world.
    • Provides continuous training and development opportunities to help employees achieve their career goals, whatever their background or experience.
    • Is committed to advancing our tools, technology, and ways of working to better serve our clients and their evolving business needs.
    • Believes in responsible growth and is dedicated to supporting our communities by connecting them to the lending, investing and giving they need to remain vibrant and vital.

    LOB Job Profile:

    Responsible for defining an architectural vision and architecture for large complex solutions, which aligns with the enterprise architecture strategy, technology and platform choices. Describes the solution intent and the associated operating environment, determining the primary systems/subsystems and their interfaces, defining non-functional requirements and architectural runway to support new epics/features and expand into new opportunities. Ensures the solution is fit for purpose and use by working with stakeholders, vendors/service providers, and evaluating the impact of strategic design decisions. Contributes to best practices, standard templates, and the architecture roadmap for defined domains. Contributes in the creation of the architecture roadmap of defined domains (Business, Application, Data and Technology) in support of the product roadmap. Contributes to the development of best practices including standardized templates. Works across business and technology to create the solution intent and architectural vision for large complex solutions and evolves it based on an emerging backlog. Leads rapid shaping of a high level architecture with details filled in with emerging business requirements; ensures architecture is flexible and modular and designed to adapt easily. Facilitates solution driven discussions, leads the design of complex architectures, and finds creative solutions through practical experiments and POCs. Works with Product Manager/Owner to plan and prioritize technology focused backlog items for the architecture runway to enable business epics/features and expand into new opportunities. Clarifies the architecture for the development teams to support implementation, and provides solution options to resolve any architectural impediments. Performs design and code reviews to ensure all non-functional requirements for a solution are sufficiently met (e.g. security, performance, maintainability, scalability, usability, and reliability). Supports the Principal Engineer as needed to select the technology stack needed for solutions, and helps select preferred technology products. Educates team members on the technology practices, standardization strategies and best practices to create innovative solutions. Individual Contributor.

    Job Band:

    H4

    Shift: 

    1st shift (United States of America)

    Hours Per Week:

    40

    Weekly Schedule:

    Referral Bonus Amount:

    0

    Job Description:

    The Identity Management (IDM) Services organization is seeking a Senior Architect responsible for the strategy across all identity services, both current and future state, within the IDM portfolio and will participate in the high-level technical design across these services.

    This is an individual contributor role, reporting directly to the IDM Services Executive. 

    The individual work with the functional teams responsible for engineering services under the IDM Services Executive and partner with stakeholders in both our Technology Infrastructure Services (TIS) and Global Information Security (GIS) organizations on strategic initiatives.

    Primary Responsibilities:

    • Develops and participates in technical design & strategy across all Identity Management services (existing & future state)
    • Understands at an expert level technical requirements for all IDM services including security and networking considerations
    • Unifies identity strategy for on premise identity solutions along with our cloud identity solutions
    • Works with each IDM functional manager and TIS/GIS partners to develop high-level designs
    • Researches and recommends new technologies and improvements which address enterprise gaps across the IDM portfolio
    • Ensures practical feasibility of technical solutions in accordance with GIS architecture standards
    • Understands how all IDM services tie together and impact to the enterprise, along with interdependencies on enterprise services
    • Participates in senior level audit engagements and discussions
    • Produces and showcases Identity strategy via diagrams and other materials presented to senior management
    • Identifies opportunities to streamline service offerings where there are technical capabilities overlap
    • Partners with key stakeholders in Global Information Security regarding vulnerability assessments and threat modeling for identity services
       

    Required skills:

    • 10+ years developing and architecting identity management solutions
    • Deep technical experience of Active Directory with focus on security architecture and environment hardening
    • Experience architecting/engineering password vaulting solutions such as CyberArk, Hashicorp Secrets Vault, Thycotic Secret Server, etc.
    • Experience architecting/engineering privileged access tools such as PowerBroker and Active Roles Server
    • Experience architecting/engineering Microsoft identity management solutions such as FIM/MIM (Forefront/Microsoft Identity Manager) and SSGM (Self Service Group Management)/SSPM (Self Service Password Management)
    • Experience architecting/engineering cloud identity solutions such as Microsoft Azure ADconnect and integration with other cloud provides such as Amazon, Google, etc.
    • Advanced security prowess with identity management solutions (latest security threats/trends and mitigation thereof)
    • Experience with best practices for identity management disaster recovery
    • Strong working knowledge of Windows/*NIX operating systems platforms, DNS, networks, DMZs, firewalls, network security zones, etc.
    • Deep, in-depth working knowledge of Kerberos (Microsoft and MIT/Heimdal) and NTLM authentication
    • Working experience with MFA, SSO and federation technologies
    • Strong knowledge of LDAP protocol
    • Experience with non-Windows integration with Active Directory (Vintela VAS integration, RedHat IdM, etc.)
    • Working knowledge of Certificate/CA/PKI infrastructure
    • Experience and confidence to be the senior architect for all IDM identity services in a very large/complex environment
    • Excellent communication skills, including experience effectively communicating technical challenges and solutions to peers, customers and senior management

    Desired Skills:

    • Experience with Microsoft’s Enhanced Security Architecture Environment (ESAE) -  “Red/Bastion/Admin” forest design; including JIT (just in time) & JEA (just enough administration) concepts; Microsoft PAM (Privileged Access Manager)
    • Red Team assessment, exposure and interaction
    • Knowledge of threat analytics tools
    • Scripting/programming knowledge (PowerShell, Python, C#, VBscript, Javascript, Perl)
    • Knowledge of database platforms
    • Unix/Linux skills

      Core Technology Infrastructure Organization:

      • Is committed to building a workplace where every employee is welcomed and given the support and resources to perform their jobs successfully.
      • Wants to be a great place for people to work and strive to create an environment where all employees have the opportunity to achieve their goals.
      • Believes diversity makes us stronger so we can reflect, connect and meet the diverse needs of our clients and employees around the world.
      • Provides continuous training and development opportunities to help employees achieve their career goals, whatever their background or experience.
      • Is committed to advancing our tools, technology, and ways of working to better serve our clients and their evolving business needs.
      • Believes in responsible growth and is dedicated to supporting our communities by connecting them to the lending, investing and giving they need to remain vibrant and vital.

      LOB Job Profile:

      Responsible for defining an architectural vision and architecture for large complex solutions, which aligns with the enterprise architecture strategy, technology and platform choices. Describes the solution intent and the associated operating environment, determining the primary systems/subsystems and their interfaces, defining non-functional requirements and architectural runway to support new epics/features and expand into new opportunities. Ensures the solution is fit for purpose and use by working with stakeholders, vendors/service providers, and evaluating the impact of strategic design decisions. Contributes to best practices, standard templates, and the architecture roadmap for defined domains. Contributes in the creation of the architecture roadmap of defined domains (Business, Application, Data and Technology) in support of the product roadmap. Contributes to the development of best practices including standardized templates. Works across business and technology to create the solution intent and architectural vision for large complex solutions and evolves it based on an emerging backlog. Leads rapid shaping of a high level architecture with details filled in with emerging business requirements; ensures architecture is flexible and modular and designed to adapt easily. Facilitates solution driven discussions, leads the design of complex architectures, and finds creative solutions through practical experiments and POCs. Works with Product Manager/Owner to plan and prioritize technology focused backlog items for the architecture runway to enable business epics/features and expand into new opportunities. Clarifies the architecture for the development teams to support implementation, and provides solution options to resolve any architectural impediments. Performs design and code reviews to ensure all non-functional requirements for a solution are sufficiently met (e.g. security, performance, maintainability, scalability, usability, and reliability). Supports the Principal Engineer as needed to select the technology stack needed for solutions, and helps select preferred technology products. Educates team members on the technology practices, standardization strategies and best practices to create innovative solutions. Individual Contributor.

      Shift:

      1st shift (United States of America)

      Hours Per Week: 

      40

      Learn more about this role

      Full time

      JR-21068630

      Band: H4

      Manages People: No

      Travel: No

      Manager:

      Talent Acquisition Contact:

      Kathleen Jones-Griffith

      Referral Bonus:

      0