Principal Architect - Cybersecurity, IAM

Take your engineering expertise to new heights by joining a team of exceptionally talented professionals and solidify your place among top performers in the industry.

As a Principal Cybersecurity Architect at JPMorgan Chase within the CTC, you will lead the strategic design, implementation, and governance of enterprise-wide Identity and Access Management (IAM) solutions.

The position demands extensive hands-on experience with leading IAM technologies, deep knowledge of security architecture, and a proven ability to drive cross-functional collaboration.

This role is critical in ensuring the organization's digital assets are protected through robust authentication, authorization, and risk management practices.

Job responsibilities


* Define and drive the IAM strategy, architecture, and roadmap to support business objectives and regulatory requirements.


* Architect, implement, and oversee large-scale IAM systems using tools such as Entra ID, ForgeRock, Ping, ADFS, SailPoint, Okta, Active Directory, and Veza.


* Lead the design and deployment of Public Key Infrastructure (PKI) solutions, including ACME protocol integration and certificate management.


* Conduct advanced threat modeling and risk assessments to identify vulnerabilities and recommend mitigation strategies.


* Develop and maintain comprehensive security architecture documentation, including IAM design patterns, technical standards, and best practices.


* Implement and manage IAM protocols and standards such as RBAC, OAuth2.0, SCIM, Authentication, WebAuthN, Authorization, OPA, and PBAC.


* Partner with engineering, application, infrastructure, and business teams to ensure IAM solutions are aligned with organizational goals and integrated seamlessly.


* Apply advanced security principles, including encryption, data security, and risk management, to all IAM solutions and processes.


* Stay abreast of emerging IAM technologies and security trends, recommending and implementing improvements to enhance security posture.


* Produce clear, detailed documentation and communicate complex technical concepts effectively to both technical and non-technical stakeholders.

Required qualifications, capabilities, and skills



* Formal training or certification on security concepts and 10+ years applied experience with a focus on IAM architecture and implementation.


* Demonstrated success in leading large-scale IAM projects in complex environments.


* Extensive hands-on experience with IAM tools: Entra ID, ForgeRock, Ping, ADFS, SailPoint, Okta, Active Directory, Veza.


* Strong background in PKI development and ACME protocol.


* Proficient in threat modeling and risk assessment methodologies.


* Deep understanding of encryption, data security, and risk management.


* Expertise in IAM principles: RBAC, OAuth2.0, SCIM, Authentication, WebAuthN, Authorization, OPA, PBAC.


* Proven ability to lead and influence cross-functional t...