Enterprise Identity & Access Management Architect
Role details
Job location
Tech stack
Job description
We are looking for an Enterprise Identity & Access Management Architect. You will be responsible for defining and driving the enterprise Identity & Access Management (IAM) strategy, architecture, standards, and governance across hybrid cloud, SaaS, and on-premises environments. You will partner with cybersecurity, technology, risk, and business stakeholders to deliver secure, scalable, and resilient identity capabilities that protect the firm while enabling business growth.
Why This Role Is Important To Us
The team you will be joining is part of the Security Architecture organization, a function that is critical to the firm's ability to securely deliver technology services, manage cybersecurity risk, and meet regulatory obligations. As identity remains a cornerstone of modern security and Zero Trust architectures, this role is responsible for establishing the strategic direction, governance, and architectural standards that protect enterprise identities, privileged access, and critical business services.
What You Will Be Responsible For
As an Enterprise Identity & Access Management Architect, you will:
- Define and maintain the enterprise IAM strategy, architecture, standards, and roadmap.
- Lead the design and governance of identity services, including Identity Governance, Privileged Access Management, Authentication, Authorization, Federation, and Directory Services.
- Develop secure identity architecture patterns and reference architectures for workforce, customer, third-party, and machine identities.
- Partner with engineering, cloud, application, and cybersecurity teams to embed identity controls into enterprise platforms and services.
- Drive the adoption of Zero Trust principles, strong authentication, least privilege, and secure-by-design practices while providing architectural oversight and governance for strategic initiatives.
Requirements
- Strong security architecture and IAM domain expertise coupled with strategic thinking and sound risk-based decision-making.
- Demonstrated ability to influence enterprise-wide technology and architecture decisions.
- Strong leadership, communication, and stakeholder management skills.
- Experience leading complex, large-scale technology transformation programs across global organizations.
- Ability to balance security, operational resilience, regulatory requirements, and business enablement through practical architectural solutions., * Degree in Computer Science, Information Security, Information Technology, Engineering, or a related discipline.
- 10+ years of experience in cybersecurity, security architecture, Identity & Access Management, or related technology disciplines.
- Experience designing and implementing enterprise-scale IAM solutions across cloud, SaaS, and on-premises environments.
- Deep understanding of Identity Governance & Administration (IGA), Privileged Access Management (PAM), Single Sign-On (SSO), Multi-Factor Authentication (MFA), and federated identity technologies.
- Experience with leading IAM platforms including Microsoft Entra ID, SailPoint, Saviynt, CyberArk, Okta, Ping Identity, ForgeRock, or equivalent technologies.
- Professional certifications such as CISSP, CCSP, TOGAF, SABSA, SailPoint, CyberArk, or equivalent security and IAM certifications are highly desirable.
Additional Requirements
- Experience operating within highly regulated industries, preferably financial services.
- Ability to work effectively with global teams and stakeholders across multiple regions.
- Limited travel may be required based on business needs.
Benefits & conditions
3.43.4 out of 5 stars Quincy, MA Hybrid work $120,000 - $202,500 a year - Full-time, Pulled from the full job description
- Health insurance
- 401(k) matching
- Paid time off
- Vision insurance
- Dental insurance
- Employee assistance program
- Disability insurance, Shift: Standard business hours with flexibility to support global stakeholders across multiple time zones.
Salary Range: $120,000 - $202,500 Annual
The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.
Employees are eligible to participate in State Street's comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans., We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you'll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.