Sr Cyber Systems Architect (Authentication)

About The Position

Requirements

• 5+ years’ experience in an identity architecture role
• 5+ years’ experience designing solutions in IAM technical role(s) for large enterprise
• Bachelor’s degree or higher in computer science, information security, or a non‑computer‑related field, or equivalent work experience
• Strong communication and interpersonal skills; including negotiation, facilitation, and consensus building skills; Ability to influence, persuade, and manage polarities without direct control
• Significant experience designing initial infrastructure, administering IAM systems, access controls, security and risk management, and governance fundamentals
• Strong understanding of RBAC, identity policies, identity lifecycle automation and reporting, password policies, separation of duties, user provisioning, and approval workflows
• Experience working with modern and legacy enterprise authentication services (OpenID Connect (OIDC), OAuth2, SAML, Kerberos) and platforms (preferably Active Directory, Entra ID, AWS)
• Experience with Single-Sign-On, Multi-Factor Authentication (MFA), Passwordless Technologies, Privileged Access Management (PAM), and Public Key Infrastructure (PKI)
• Familiarity with one or more regulatory requirements and laws such as, but not limited to, PCI DSS, FFIEC, SOX, HIPAA, GDPR and GLBA. Additionally, experience in one or more: ISO 17799, ITIL, NIST
• Understanding of cloud computing architecture, technical design and implementations, including IaaS, PaaS and SaaS models
• High degree of flexibility and ability to work with employees at all levels of the organization with diverse backgrounds
• Makes wise, data-informed decisions, finds and owns problems to closure
• Ability to balance the long-term big picture and short-term implications of tactical decisions
• Possesses an innovative technical mindset with a focus on architecture, strategy, and design
• Strong desire to drive change

Nice To Haves

• Experience architecting and delivering large-scale Enterprise IAM service instances
• Experience with enterprise directory architecture, including significant knowledge of Active Directory and Entra ID
• Experience developing and delivering Zero Trust architectural designs
• Experience with Venafi / Netwrix / CyberArk
• Experience with Google Cloud Platform (GCP) and Amazon Web Services (AWS)
• Experience with large-scale ID Verification solutions for Enterprise and Consumer Identity solutions
• A current cybersecurity professional certification such as CISSP, CCSP, GSEC, or GISP
• Preferably one or more Azure certifications, such as AZ‑900, AI‑900, AZ‑500, SC‑300, or AZ‑305
• Knowledge of integrating AI agents with identity providers and applying governance to their access and lifecycle management.
• Apply AI-driven analytics to strengthen identity governance, enable intelligent access decisions, detect anomalous behavior, and optimize end‑to‑end IAM workflows

Responsibilities

• Serve on a distributed security and technology team responsible for establishing IAM solutions.
• Lead the design and implementation of IAM capabilities including SSO, directory services, Zero Trust access, MFA, PAM, automation, and behavior‑analytics systems.
• Craft resilient and scalable identity strategies that align with cybersecurity policies and governance structure
• Collaborate with stakeholders to define IAM requirements and design comprehensive solutions for business needs
• Develop highly scalable identity service architectures serving enterprise, customer access, and external partner requirements
• Produce technical solutions that meet NBCU's business objectives and drive compliance with NBCU’s information security goals
• Partner with technology and security teams across NBCU to provide technical expertise, design guidance, and drive best practices
• Create and deliver effective presentations that inform NBCUniversal Senior Leadership teams to drive business relevant information security decisions
• Lead product evaluations and new technology adoptions
• Maintain strong vendor relationships that drive partnership with NBCU
• Create technical documentation with architecture diagrams, configuration guides and operational practices
• Make recommendations to improve automation efficiency, security practices and end user experience
• Execute tactical requests along with supporting strategic vision for rigorous and scalable IAM control

Benefits

• This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks.