Senior Identity Architect

Overview

Here at Discount Tire, we celebrate the spirit of our people with extraordinary pride and enthusiasm. Our business has been growing for 63 years and now is the best time in our history to join. We are opening more locations every year and always looking for the most qualified individuals to join us in our growth. We are a Company that promotes from within, both in our retail and corporate operations.

Under minimal supervision, the Identity Architect is responsible for defining the overall architecture of the enterprise identity portfolio. With a focus on developing and delivering architectural patterns and practices that build strategic features across the entire enterprise. This person will have a deep knowledge of multiple technology areas, processes, methodologies, standards, products, and frameworks. Advises on high-level, complex solution development, architecture, and management processes from concept ideation through development, launch, and maintenance. Provides technical leadership and support to ensure timely delivery of reliable, flexible, secure, scalable, and cost-efficient architectures. Liaises with the Enterprise Architecture team to ensure consistency with agreed upon process and application taxonomies.

Essential Duties and Responsibilities :

• Deliver Okta Identity Management (or experience with similar identity cloud solution) and designing solution patterns for typical and custom identity frameworks across both infrastructure and development life cycles.
• Lead engineering and solution design with Identity Provider, including base SSO setup via SAML / OpenID Connect, B2B Federation Connection setup, and with standard expression logic and PowerShell scripts used in analytical reporting and custom attribute patterns.
• Serve as the department expert for architectural solution design and documentation (Product Roadmaps) including PowerShell scripting to maintain and design analytics reports in Okta; as well as design and implement custom application-level expression language regarding attribute manipulation.
• Design and deliver appropriate architecture that support identity & access needs in meeting business goals of secure design, lifecycle, and stable operations.
• Serve as the resident expert for IAM disciplines (such as but not limited to - Identity, Sign-On, Federation, Multifactor Authentication, Privileged Access Management, Directory Services, Role-based Governance & Administration, API Security, Key and token Lifecycle, Identity Risk, Identity threat modeling).
• Establish, document, and publish reference architecture models and promote use and adoption. Apply cross-domain experience and hands-on implementation of architecture across broad scale and multiple platforms. Build threat models for defined design to identify weaknesses in design, with appropriate mitigations.
• Develop standards and reference architecture for repeatable use cases. Document new and existing solution designs within standardized SDLC and niche use cases.
• Produce and implement enterprise-level designs for Azure authentication and on prem AD, as wells as Azure B2B / C authentication for global initiatives.
• Drive enforcement of policies, procedures, and associated plans for system security administration, highly privileged and high-risk users, and general user system access based on industry-standard best practices.
• Define standards and reference architecture for Identity and access protection within secure hybrid multi-cloud environments.
• Design solutions to on-board third party and cloud applications using various federation protocols. Architect lifecycle controls and processes in design for Identity and access of customers, partners, and B2B / C entities.
• Design full user provisioning and de-provisioning process, in line with regulatory and industry needs for termination.
• Ability to enable application movement to modern authentication in the hybrid multi-cloud environment through use of SSO and Federation.
• Design, develop, deploy, integrate, and support Single Sign On (SSO) using DevOps model for all types of devices.
• Plan and develop security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure.
• Collaborate with management to identify security best practices; applies a risk-based approach to information security covering the security aspects of Cloud & On-premises IAM services with a focus on Authentication services (SSO and MFA).
• Provide engineering support for the Identity and Authentication team. Mentor and develop all on the Identity Team when requested.
• Support the enterprise SSO platform to enable a secure and enhanced authentication experience for enterprise users.
• Work on a daily basis with Agile engineering scrum teams and participate in daily standups, grooming and planning to deliver product features.
• Partnering with cross-functional teams to build Identity products and constantly innovate on APIs, platform, web (desktop / mobile) and native apps (iOS and Android).
• Facilitate cost effective solutions for integration of target applications to IAM platforms and services.
• Remain informed on trends and issues in the security industry, including current and emerging technologies and policies.
• Provide effective communications to senior management, peers, team, stakeholders, external parties as required.

Qualifications :

Educational Requirements :

Discount Tire provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local law.

LI-Hybrid

Find out more about this role by reading the information below, then apply to be considered.

LI-GW1

J-18808-Ljbffr