Principal, Identity Architect
Listed on 2026-06-28
Software Development
Backend Developer, Software Architect, Azure
Overview
As a Principal Identity Architect, you will lead and drive Epsilon's identity modernization program—moving the organization from legacy SAML and long‑lived credential patterns toward a modern, OAuth 2.1 / OpenID Connect (OIDC)-first approach. You will design and implement secure token flows, machine identity patterns, and integration standards that work across multi‑cloud and multi‑platform environments, while guiding others to deliver against the same bar.
In this role, you partner with Security, Cloud Engineering, Platform, Application, and Data teams to migrate service accounts and API keys toward scoped, fleeting machine identities; apply enterprise standards for OAuth applications and token usage; and support emerging requirements in non‑human and AI‑assisted authentication. You bring practical rigor to authorization server integrations, token scopes, claims usage, and lateral‑movement risk reduction—helping teams adopt identity patterns that are secure, repeatable, and developer‑friendly.
You will also lead identity observability and governance improvements, building the logging, integration health, and visibility needed to manage human and machine identity activity; mentor peer architects and engineers; delegate work across the identity team and partner groups; and remain hands‑on enough to unblock complex integrations and set the technical example. Your work directly improves security posture, developer velocity, audit readiness, and the organization's ability to adopt cloud‑native workloads safely.
This role is ideal for a hands‑on technical leader with strong OAuth/OIDC experience who can drive initiatives end‑to‑end, develop others, and translate architecture direction into working integrations, documented patterns, and accountable delivery across teams.
Responsibilities
Identity Architecture & Protocol Design:
- Lead implementation and adoption of enterprise identity standards with an OIDC‑first posture—driving migration away from SAML and legacy authentication patterns toward modern OAuth 2.0 / 2.1 and OpenID Connect flows.
- Design and review secure token flows including authorization code with PKCE (required), client credentials (M2M), and delegated authorization patterns; identify and remediate deprecated implicit flows and other OAuth 2.1 anti‑patterns.
- Ensure correct separation of ID token vs. access token usage: authorization data is not embedded in ID tokens, and access tokens are scoped, time‑bound, and used appropriately at resource servers.
- Apply sound authorization models spanning scopes, claims, audience, and token lifetime—reducing risk from token leakage, replay, and lateral movement across shared authorization servers.
- Assess integration designs for centralized authorization server risks, token scope exposure, and cross‑application trust boundaries; recommend API management and federation patterns where appropriate.
Machine & Non‑Human Identity (NHI):
- Drive the transition from long‑lived service accounts and API keys to machine identities using OAuth client credentials, API service applications, and cloud‑native workload identity patterns.
- Help establish non‑human identity as a distinct identity category with governance, traceability, and entitlement scoping appropriate to each use case.
- Design and implement non‑interactive M2M authentication patterns for service‑to‑service, batch, and platform workloads across common integration points (e.g., APIs, data pipelines, messaging platforms).
- Partner with application and platform teams on service account migration, secrets reduction, and policy‑driven runtime identity models; delegate and coordinate implementation work as appropriate.
Emerging Identity Use Cases:
- Support identity integration patterns for AI‑assisted and automated workloads, including delegated human context via standard OIDC flows where applicable.
- Contribute to monitoring and logging approaches that help teams distinguish routine machine activity from anomalous authentication behavior.
- Stay current on evolving identity requirements for agentic workloads and recommend practical adoption paths aligned to enterprise standards.
Identity Platform & Integration Engineering:
- Build and…