Lead Cybersecurity Architect - IAM Architecture

JPMorgan

Chase is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, and institutional investors. Join one of the world's most influential companies and leverage your skills in cybersecurity to have a real impact on the financial industry.

As a Lead Architect for IAM at JPMorgan Chase within the CTC (Cybersecurity & Technology Controls), you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications on modern cloud-based technologies. As a core technical contributor, you are responsible for carrying out critical cybersecurity architecture solutions by identifying, creating, and communicating risk, mitigation options, and solutions across multiple technical areas within various business functions in support of project goals.

• Provide architecture and support for the adoption and management of Access Management, Directory & Federation Services, Single Sign-On (SSO), Multi-factor Authentication (MFA), and similar secure authentication services.
• Lead the development and maintenance of the Identity Management Controls, ensuring alignment with industry best practices.
• Develop, build, and maintain technology design and architecture to enable continuous contextual authentication and authorization, fostering innovation and continuous improvement.
• Mentor junior team members and lead cross-functional teams to drive cybersecurity initiatives and projects.
• Engage with stakeholders across various technical and business functions to develop and maintain the roadmap for enterprise IAM solutions, ensuring alignment with strategic goals.
• Conduct risk assessments and manage cybersecurity risks, implementing effective mitigation strategies.
• Maintain up-to-date knowledge of identity and access management best practices and encourage continuous learning and professional development within the team.

• At least 5 years of design and development experience in large-scale, complex environments with heavy regulatory needs.
• Expertise in Authentication and Authorization protocols, including OAuth, OIDC, SAML, SCIM, Encrypt ions, and privileged access management.
• Hands‑on experience delivering enterprise‑grade security products.
• Advanced proficiency in one or more programming languages and object‑oriented programming (e.g., Python, Go).
• Proficiency in automation, continuous delivery methods (CI/CD), and Infrastructure as Code (IaC).
• Strong understanding of agile methodologies, application resiliency, and security.
• In‑depth knowledge of the financial services industry and their IT systems.
• Experience in directory services and identity data management.

• Strong skills in cybersecurity, architecture, and process engineering.
• Excellent collaboration, communication, and stakeholder management skills.
• Experience with third‑party tools and technologies, including SailPoint, Microsoft Entra , Forge Rock, Ping Identity/Access, API Gateways, Active Directory, Cyber Ark, Delinea, and Hashi Corp Vault.