Sr IT Architect, Identity & Access Management

Work Schedule

Standard (Mon-Fri)

Office

Join Thermo Fisher Scientific as a Senior Staff IT Architect and lead the Federation Services pillar within our Identity and Access Management (IAM) team. In this high-impact role, you will shape the future of identity-driven access for 140,000 employees and thousands of applications in a hybrid Active Directory and Entra t. You will drive strategy, design, and governance for enterprise Single Sign-On (SSO), with the goal of enabling seamless and secure login to the organization's business applications.

• Provide strategic leadership for the design, implementation, and governance of the Federation Services pillar within IAM.
• Develop and maintain a comprehensive roadmap aligned with organizational priorities and industry best practices.
• Effectively communicate and demonstrate the value of IAM and Federation services to stakeholders at all levels of the organization.
• Develop and track metrics that demonstrate the health, stability, and business value of the Federation service.
• Ensure service availability and compliance with security and regulatory requirements.
• Ensure IAM solutions meet business security and regulatory requirements.
• Drive engineering efforts for IAM integrations across enterprise platforms.
• Collaborate with vendors and evaluate technologies to strengthen Federation services.
• Partner with cross-functional teams to design and maintain efficient, scalable programs.

• Bachelor's degree in computer science, Information Systems, or related field (or equivalent experience).
• Expertise in enterprise SSO technologies (SAML 2.0, OpenID Connect, etc.) and identity solutions like Entra .
• Familiarity with user provisioning (SCIM), Active Directory, and application authorization models.
• Confidence in managing an Entra l Access chain of moderate complexity, including documenting, requesting, testing, and performing changes to the chain as IT security requirements evolve.
• Knowledge of application deployment best practices, including hosting, DNS, SSL, and session cookies.
• Experience deploying SaaS and on-premise applications.
• Strong troubleshooting skills for web applications and SSO issues.
• Proficiency with scripting (Power Shell) and exposure to software development.
• Knowledge of Service Now automation and change management processes.
• Experience with AI-powered development tools (e.g., Git Hub Copilot).
• Excellent communication and collaboration skills.

The salary range estimated for this position based in Maryland is $-$.

This position may also be eligible to receive a variable annual bonus based on company, team, and/or individual performance results in accordance with company policy.

We offer a comprehensive Total Rewards package that our U.S. colleagues and their families can count on, which includes:

• A choice of national medical and dental plans, and a national vision plan, including health incentive programs
• Employee assistance and family support programs, including commuter benefits and tuition reimbursement
• At least 120 hours paid time off (PTO), 10 paid holidays annually, paid parental leave (3 weeks for bonding and 8 weeks for caregiver leave), accident and life insurance, and short- and long-term disability in accordance with company policy
• Retirement and savings programs, such as our competitive 401(k) U.S. retirement savings plan
• Employees' Stock Purchase Plan (ESPP) offers eligible colleagues the opportunity to purchase company stock at a discount

For more information on our benefits, please visit: