Principal Architect - Identity %26 Access Management (Remote)

Find your future at United! We’re reinventing what our industry looks like, and what an airline can be – from the planes we fly to the people who fly them. Join a team of over 100,000 members who share a passion and diverse skills for leading.

Join our Cybersecurity and Digital Risk (CDR) team to help us also lead the airline industry in cyber-safety. United’s CDR team is tasked with keeping our customers’ and employees’ information safe and secure. Our primary mission is to embed cybersecurity into the DNA of United Airlines by reducing business risk through implementation of strong cybersecurity standards.

Achieving our ambitions starts with supporting yours. Evolve your career and find your next opportunity. Get the care you need with industry-leading health plans and best-in-class programs to support your emotional, physical, and financial wellness. Expand your horizons with travel across the world’s biggest route network. Connect outside your team through employee-led Business Resource Groups.

Create what’s next with us. Let’s define tomorrow together. Apply today!

Job overview and responsibilities

The Principal Architect – Workforce Identity & Access Management (WIAM) will design a modern workforce IAM experience that delivers secure, reliable, scalable, and performant identity platforms and systems. The Principal Architect is a senior level position that works closely with development teams, digital product teams, and other architects across security and business functions to integrate identity security into product and workforce identity lifecycles (for both human and non-human identities) and optimize experiences around risk-based authentication and authorization for our workforce customers.
This technical leader will define, craft, implement, review, advise, and guide implementation of workforce identity architecture and will take a strong hands-on role, working with diverse teams across United as well as with external partners to define and support identity innovation. On any given day, the Principal Architect can be pulled in to evaluate a new tool, contribute to short and long-term strategic Identity roadmaps, or provide guidance across United on IAM relevant standards and frameworks, authentication and authorization protocols, and how to successfully implement these across a range of capabilities.

• Leads design, technical innovation, and documentation of Workforce Identity & Access Management platform architecture and roadmap
• Translates business requirements into technical architecture
• Leads the design, definition and implementation of risk-based authentication and authorization identity security best practices and updating Cybersecurity and Digital Risk standards and policies to ensure clarity with technology teams
• Recommends and implements products/services that support workforce identity operational needs and security requirements, considering performance, compliance, and business continuity needs that ensure performant, scalable, highly available, and resilient IAM capabilities
• Promotes and contributes to the continuous improvement of security culture and strategy based on business objectives and security priorities
• Participates in capacity planning, formulating and contributing to Objectives and Key Results,
• Serves as a department Subject Matter Expert, and mentors, trains, and coaches junior members of the IAM team

• Bachelor's degree
• STEM
• 7+ years of experience in related field such as identity and access management, secure coding, security architecture, threat modeling, governance risk and compliance, ethical hacking
• 7+ years of experience working with cloud/hybrid-based identity and zero-trust enablement platforms such as ForgeRock, Okta, Ping Identity, Oracle Access Manager, AWS IAM, Microsoft Entra, Azure Active Directory, Zscaler, Duo
• Deep expertise in identity management, authentication, authorization, and security architecture, including technologies like SSO, SAML, OAuth2, OIDC, FIDO, and Zero Trust principles
• Hands-on experience developing enterprise security architecture; Demonstrated ability to build custom IAM tooling for automation, integration, and enhanced capabilitiesand working with security development lifecycle processes and tools
• Demonstrated ability to set technical direction and lead organizations through complex architectural transformations
• Strong collaborator, able to influence and build productive relationships across technical and business teams
• Ability to effectively articulate security and identity concepts to technical and non-technical audiences
• Familiarity with NIST Cybersecurity Framework, PCI and SOX requirements
• Proven experience effectively leveraging AI technologies for identity management, such as ML-based access anomaly detection and generative AI for governance
• Must be legally authorized to work in the United States for any employer without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the position

• Master's degree in Computer Science, Engineering, or Cybersecurity
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certified in Risk and Information Systems Controls (CRISC)
• Certified Ethical Hacker
• Minimum of 10 years of experience in related field, including any combination of the following: threat modeling, secure coding, identity management and authentication, security architecture, data science, machine learning, cryptography, system administration and network security, cloud computing, governance risk and compliance
• 10+ years of experience working with an IAM platforms
• Airline Industry experience
• Familiarity with transportation sector specific regulatory and compliance requirements
• Experience in leading/architecting large-scale identity transformation projects
• Security threat modeling and risk assessments
• Experience implementing Zero Trust architecture
• Experience with large language models for security automation
• Experience leading technical teams and mentoring IAM professionals
• Experience with multi-cloud environments

Post expiration date: 06/30/2025