Principal IAM Security Architect

Job ID R-024822 Date posted 08/16/2022

Are you an IAM Architect who loves driving impactful change across organizations? Are you interested in working on large scale, meaningful projects? Do you want to work with cutting-edge technology? Are you interested in being part of a team that is working to transform and do things differently? 

Excited to learn more? If so, then this could be the role for you!

LPL Financial (Nasdaq: LPLA) was founded on the principle that the firm should work for the advisor, and not the other way around. Today, LPL is a leader* in the markets we serve, supporting more than 18,000 financial advisors, 800 institution-based investment programs and 450 independent RIA firms nationwide. We are steadfast in our commitment to the advisor-centered model and the belief that Americans deserve access to personalized guidance from a financial advisor. At LPL, independence means that advisors have the freedom they deserve to choose the business model, services, and technology resources that allow them to run their perfect practice. And they have the freedom to manage their client relationships, because they know their clients best. Simply put, we take care of our advisors, so they can take care of their clients.

Job Overview:

Information Security is essential to what we do at LPL, from protecting our employees, our advisors, and their clients. As a Principal IAM Architect you will join a growing organization to lead a modern enterprise IAM program.

Responsibilities:

• Responsible for roadmap design, architecture, planning and requirements to deliver and support a modern enterprise IAM program based on industry standards, best practices and guidelines for the cloud and across the enterprise.

• Understand business stakeholder needs and design appropriate solutions that enhance the end customer experience

• Partner with the IAM & Product engineering teams to set priorities for architecture and design for a best practice path of successful adoption and implementation across the enterprise

• Partner with Enterprise Architecture team in development of reference architectures and secure design patterns for IAM that will be leveraged by the enterprise

• Conduct enterprise IAM architecture reviews with multiple internal/external teams and stakeholders to assist in enterprise IAM adoption

• Create and execute an IAM roadmap that meets LPL enterprise strategic requirements, including but not limited to security for hybrid cloud deployment, policy driven security, SSO, user provisioning/de-provisioning, and federation

• Lead architectural design for the migration from PING to ForgeRock SaaS solution providing SME and technical guidance on ForgeRock Identity Cloud

• Align architectural design technical controls and solutions to industry best practices and guidelines (e.g., NIST CSF, CSA, CIS, OWASP)

What are we looking for?

We want strong collaboratorswho can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented, and are able to execute in a way that encourages creativity and continuous improvement.

Requirements:

• 7+ years of hands-on experience with scoping, sizing, designing, architecting & building IAM solutions across various technologies, or demonstrated ability to meet job requirements through comparable work experience

• Expert level knowledge of authentication/authorization standards, protocols, and frameworks such as FIDO, SAML, OAuth, JWT, CA, X.509, MTLS, etc.

• Experience designing and architecting large-scale enterprise Identity & Access Management solutions using ForgeRock (Identity Cloud) or similar cloud-based enterprise IAM platforms.

• 3+ years’ experience with AWS IAM, Microsoft IAM (Azure AD), CyberArk, ForgeRock IdentityNow, Okta, Ping, and IDM integration across domains

• Deep knowledge in authentication and access including SAML, OIDC/OAuth2, and other federation technologies.

Preferences:

• ForgeRock ® Identity Cloud Certified Professional

• SailPoint IdentityIQ ®  Architect certification

• CISSP, CCSP or similar comprehensive security certification with cloud components 

• Strong verbal and writing skills to develop technical documentation and presentations

• Experience in leading technical architecture and security design discussions

• Experience managing multiple multi-level stakeholder relationships

• Bachelors in Computer Science, Computer Engineering, MIS or related field

#LI-Remote

Pay Range:

$143,480-$215,220/year

The salary range is dependent on a number of factors, including the applicant’s skill, experience, and work location.

Why LPL? 

At LPL, we believe that objective financial guidance is a fundamental need for everyone. As the nation’s leading independent broker-dealer, we offer an integrated platform of proprietary technology, brokerage, and investment advisor services. We provide you with a work environment that encourages your creativity and growth, a leadership team that is supportive and responsive, and the opportunity to create a career that has no limits, only amazing potential.

We are one team on one mission. We take care of our advisors, so they can take care of their clients.

Because our company is not too big and not too small, you can seize the opportunity to make a real impact. We are committed to supporting workplace equality, and we embrace the different perspectives and backgrounds of our employees.We also care for our communities, and we encourage our employees to do the same. This creates an environment in which you can do your best work.

Want to hear from our employees on what it’s like to work at LPL?  Watch this!

We take social responsibility seriously. Learn more here

Want to see info on our benefits?  Learn more here

Join the LPL team and help us make a difference by turning life’s aspirations into financial realities. Please log in or create an account to apply to this position. Principals only. EOE.

Information on Interviews:

LPL will only communicate with a job applicant directly from an @lplfinancial.com email address and will never conduct an interview online or in a chatroom forum.  During an interview, LPL will not request any form of payment from the applicant, or information regarding an applicant’s bank or credit card.  Should you have any questions regarding the application process, please contact LPL’s Human Resources Solutions Center at (800) 877-7210.