Principal Architect — Identity, Data Modeling, and Platform APIs

Step into the role of a Principal Architect at JPMorgan

Chase and become a driving force behind the development and adoption of cutting-edge, cloud-based technologies.

As a Principal Architect at JPMorgan

Chase within the Core Infrastructure Platforms Architecture team you provide expertise to enhance and develop architecture platforms based on modern cloud-based technologies, as well as support the adoption of strategic global solutions. Leverage your advanced architecture capabilities and collaborate with colleagues across the organization to drive best-in-class outcomes. You will design the data and API foundations that connect identity, authority, ownership, and permission to workload deployment on IaaS platforms and hypervisors.

This is a senior individual contributor role, focused on rigorous data modeling, software and API design, and identity architectures in a large, regulated financial environment. You will define canonical models and service contracts, ensure designs meet regulatory and control requirements, and partner closely with platform, engineering, and development teams.

• Defines and owns canonical data models capturing identity, authority, ownership, and permissions across compute, storage, and network resources; model relationships among people, services, applications, and infrastructure assets.
• Designs and evolves APIs and service contracts for entitlements and workload onboarding to IaaS and hypervisor platforms; establish versioning, compatibility, lifecycle, and governance for these interfaces.
• Architects identity‑aware provisioning flows and guardrails: integrate with directory and identity systems (e.g., Kerberos, Active Directory), enforce RBAC/ABAC, separation of duties, least privilege, and auditable change.
• Establishes and maintains data structures used for technology governance (e.g., product catalogs, inventories/CMDB, configuration attributes, organizational hierarchies) with clear sources of truth, lineage, and stewardship.
• Embeds compliance and controls into designs: evidence and traceability for regulatory obligations on identity, access management, and operational risk; align with firm policies and applicable regulations.
• Partners with platform teams (hypervisors, IaaS, Kubernetes) and application developers to ensure secure, operable, and scalable workload deployment patterns; produce reference architectures, patterns, and reusable templates.
• Defines policies and policy‑as‑code approaches for identity, authorization, configuration, and change; integrate controls into CI/CD and provisioning pipelines.
• Drives data quality and observability for governance datasets: schemas, validations, metadata, golden records, reconciliation, and reporting.
• Conducts architecture/design reviews; document decisions, risks, exceptions/waivers, and remediation plans; present in governance forums.
• Promotes effective ways of working: help organize team backlogs and ceremonies, ensure Jira/Kanban hygiene, run stand‑ups, and track delivery metrics to keep the team productive.

• Mentors engineers and architects; foster a collaborative, low‑ego, outcome‑focused culture.

• Formal training or certification on software Infrastructure Architecture concepts and expert applied experience
• Extensive experience architecting in large, complex, regulated financial services environments, including identity‑centric designs and production delivery.
• Deep expertise in enterprise identity management and directory services, including:
• Kerberos and Active Directory (forests/domains, trusts, group nesting, SPNs, constrained delegation, service accounts, PKI).
• Authorization models and controls (RBAC, ABAC, policy evaluation, least privilege, privileged access, break‑glass, JIT access).
• Strong data modeling skills (relational, hierarchical, graph) and schema design for governance datasets (product catalogs, CMDB/inventory, configuration attributes, organizational structures).
• Professional software and API design experience: REST/gRPC API design, versioning and compatibility strategies, service contracts, error models, pagination, performance, and security.
• Han…