Principal Architect - Identity & Access Management (Remote)
Description:
Find your future at United! We’re reinventing what our industry looks like, and what an airline can be – from the planes we fly to the people who fly them. Join a team of over 100,000 members who share a passion and diverse skills for leading.
Join our Cybersecurity and Digital Risk (CDR) team to help us also lead the airline industry in cyber-safety. United’s CDR team is tasked with keeping our customers’ and employees’ information safe and secure. Our primary mission is to embed cybersecurity into the DNA of United Airlines by reducing business risk through implementation of strong cybersecurity standards.
Achieving our ambitions starts with supporting yours. Evolve your career and find your next opportunity. Get the care you need with industry-leading health plans and best-in-class programs to support your emotional, physical, and financial wellness. Expand your horizons with travel across the world’s biggest route network. Connect outside your team through employee-led Business Resource Groups.
Create what’s next with us. Let’s define tomorrow together. Apply today!
Job overview and responsibilities
The Principal Architect – Workforce Identity & Access Management (WIAM) will design a modern workforce IAM experience that delivers secure, reliable, scalable, and performant identity platforms and systems. The Principal Architect is a senior level position that works closely with development teams, digital product teams, and other architects across security and business functions to integrate identity security into product and workforce identity lifecycles (for both human and non-human identities) and optimize experiences around risk-based authentication and authorization for our workforce customers.
This technical leader will define, craft, implement, review, advise, and guide implementation of workforce identity architecture and will take a strong hands-on role, working with diverse teams across United as well as with external partners to define and support identity innovation. On any given day, the Principal Architect can be pulled in to evaluate a new tool, contribute to short and long-term strategic Identity roadmaps, or provide guidance across United on IAM relevant standards and frameworks, authentication and authorization protocols, and how to successfully implement these across a range of capabilities.
Leads design, technical innovation, and documentation of Workforce Identity & Access Management platform architecture and roadmap
Translates business requirements into technical architecture
Leads the design, definition and implementation of risk-based authentication and authorization identity security best practices and updating Cybersecurity and Digital Risk standards and policies to ensure clarity with technology teams
Recommends and implements products/services that support workforce identity operational needs and security requirements, considering performance, compliance, and business continuity needs that ensure performant, scalable, highly available, and resilient IAM capabilities
Promotes and contributes to the continuous improvement of security culture and strategy based on business objectives and security priorities
Participates in capacity planning, formulating and contributing to Objectives and Key Results,
Serves as a department Subject Matter Expert, and mentors, trains, and coaches junior members of the IAM team
What’s needed to succeed (Minimum Qualifications):
Bachelor's degree
STEM
7+ years of experience in related field such as identity and access management, secure coding, security architecture, threat modeling, governance risk and compliance, ethical hacking
7+ years of experience working with cloud/hybrid-based identity and zero-trust enablement platforms such as ForgeRock, Okta, Ping Identity, Oracle Access Manager, AWS IAM, Microsoft Entra, Azure Active Directory, Zscaler, Duo
Deep expertise in identity management, authentication, authorization, and security architecture, including technologies like SSO, SAML, OAuth2, OIDC, FIDO, and Zero Trust principles
Hands-on experience developing enterprise security architecture; Demonstrated ability to build custom IAM tooling for automation, integration, and enhanced capabilities and working with security development lifecycle processes and tools
Demonstrated ability to set technical direction and lead organizations through complex architectural transformations
Strong collaborator, able to influence and build productive relationships across technical and business teams
Ability to effectively articulate security and identity concepts to technical and non-technical audiences
Familiarity with NIST Cybersecurity Framework, PCI and SOX requirements
Proven experience effectively leveraging AI technologies for identity management, such as ML-based access anomaly detection and generative AI for governance
Must be legally authorized to work in the United States for any employer without sponsorship
Successful completion of interview required to meet job qualification
Reliable, punctual attendance is an essential function of the position
What will help you propel from the pack (Preferred Qualifications):
Master's degree in Computer Science, Engineering, or Cybersecurity
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Certified in Risk and Information Systems Controls (CRISC)
Certified Ethical Hacker
Minimum of 10 years of experience in related field, including any combination of the following\: threat modeling, secure coding, identity management and authentication, security architecture, data science, machine learning, cryptography, system administration and network security, cloud computing, governance risk and compliance
10+ years of experience working with an IAM platforms
Airline Industry experience
Familiarity with transportation sector specific regulatory and compliance requirements
Experience in leading/architecting large-scale identity transformation projects
Security threat modeling and risk assessments
Experience implementing Zero Trust architecture
Experience with large language models for security automation
Experience leading technical teams and mentoring IAM professionals
Experience with multi-cloud environments
Post expiration date\: 06/30/2025