Senior Identity Security Architect

Yantran LLC

SEATTLE, WA

JOB DETAILS
SKILLS
Architectural Analysis, Architectural Services, Artificial Intelligence (AI), Authentication, Build Management, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, Computer Science, Design Patterns Programming Methodologies, Documentation, Hybrid Cloud, Information Technology & Information Systems, Internet Security, Kerberos, LDAP (Lightweight Directory Access Protocol), Leadership, Machine Tool, Microsoft Active Directory, Microsoft Product Family, Migration Strategy, OAuth, Phishing, Project/Program Management, Risk Management, Security Architecture, Security Assertion Markup Language (SAML), Security Infrastructure, Software Engineering, TOGAF - The Open Group Architecture Framework, Technical Leadership
LOCATION
SEATTLE, WA
POSTED
11 days ago
Define and own the
target state architecture
and reference designs for the identity security platform across
BeyondTrust
(Password Safe, EPM, PRA),
Microsoft Entra ID ,
Active Directory ,and
SailPoint IDN .
Lead the architecture and deployment strategy for
large scale identity security modernization initiatives
privileged access transformation, identity governance modernization, cloud identity adoption, Active Directory and hybrid identity modernization, and Zero Trust identity patterns Establish architecture standards, design patterns,teams implement against, and serve as design authority through architecture and design reviews.
Develop migration and deployment strategies sequencing, cutover, rollback, and risk mitigation for moving large user and system populations onto modern identity platforms with minimal disruption.
cloud (Azure, AWS, GCP), and enterprise/SaaS applications using APIs, federation, and provisioning standards (SAML, OAuth2/OIDC, SCIM, Kerberos, LDAP).
Drive phishing resistant authentication and least privilege/PAM architecture across the enterprise.
Partner with engineering leads, security architecture, platform/cloud teams,
and program management to translate architecture into delivery roadmaps and executable workstreams.Provide technical leadership and guidance to build engineers; review designs and key implementations to ensure alignment to architecture and security requirements.
Identify and document architectural risks, dependencies, and trade offs; present recommendations and decisions to engineering and leadership audiences.ensuring designs meet Nordstrom security, compliance, and data handling requirementsLeverage AI tooling to accelerate architecture analysis, design documentation, and solution evaluationBachelor's or master's degree in Computer Science, Cybersecurity, Information Technology, or equivalent education and experience.
15+ years
of security or identity engineering experience, including
significant experience as an identity/security architect
on enterprise scale environments.
Demonstrated experience
leading large scale identity security modernization or transformation programs
end to end from target state architecture through production deployment.
Deep architecture level expertise across
two or more
of the following, with strong working knowledge of the rest:
BeyondTrust ,
Microsoft Entra ID ,
Active Directory ,
Okta,
and
SailPoint .
Strong command of identity architecture fundamentals: authentication/authorization protocols (SAML, OAuth2/OIDC, SCIM, Kerberos, LDAP), federation, MFA and phishing resistant authentication, RBAC/ABAC, least privilege, tiered administration, and Zero Trust identity.
Proven experience designing integrations and migrations across hybrid and multi cloud environments at scale.
Experience setting architecture standards and acting as a design authority across multiple delivery teams.
Excellent communication skills able to align engineers, architects, and senior leadership around architecture decisions and trade offs.
Ability to operate independently in a fast paced, multi workstream program with highArchitecture or security certifications such as CISSP, SABSA, TOGAF, Microsoft Identity
Access Administrator (SC 300), or SailPoint Certified Engineer

About the Company

Y

Yantran LLC