Sr IT Architect, Identity & Access Management

Position: Sr Staff IT Architect, Identity & Access Management
Work Schedule

Standard (Mon-Fri)

Environmental Conditions

Office

Job Description

Job Description

Join Thermo Fisher Scientific as a Senior Staff IT Architect and lead the Federation Services pillar within our Identity and Access Management (IAM) team. In this high-impact role, you will shape the future of identity-driven access for 140,000 employees and thousands of applications in a hybrid Active Directory and Entra t. You will drive strategy, design, and governance for enterprise Single Sign-On (SSO), with the goal of enabling seamless and secure login to the organization's business applications.

Key Responsibilities:

* Provide strategic leadership for the design, implementation, and governance of the Federation Services pillar within IAM.

* Develop and maintain a comprehensive roadmap aligned with organizational priorities and industry best practices.

* Effectively communicate and demonstrate the value of IAM and Federation services to stakeholders at all levels of the organization.

* Develop and track metrics that demonstrate the health, stability, and business value of the Federation service.

* Ensure service availability and compliance with security and regulatory requirements.

* Ensure IAM solutions meet business security and regulatory requirements.

* Drive engineering efforts for IAM integrations across enterprise platforms.

* Collaborate with vendors and evaluate technologies to strengthen Federation services

* Partner with cross-functional teams to design and maintain efficient, scalable programs.

Preferred Qualifications:

* Bachelor's degree in computer science, Information Systems, or related field (or equivalent experience).

* Expertise in enterprise SSO technologies (SAML 2.0, OpenID Connect, etc.) and identity solutions like Entra .

* Familiarity with user provisioning (SCIM), Active Directory, and application authorization models.

* Confidence in managing an Entra l Access chain of moderate complexity, including documenting, requesting, testing, and performing changes to the chain as IT security requirements evolve.

* Knowledge of application deployment best practices, including hosting, DNS, SSL, and session cookies.

* Experience deploying SaaS and on-premise applications.

* Strong troubleshooting skills for web applications and SSO issues.

* Proficiency with scripting (Power Shell) and exposure to software development.

* Knowledge of Service Now automation and change management processes.

* Experience with AI-powered development tools (e.g., Git Hub Copilot).

* Excellent communication and collaboration skills.

Compensation and Benefits

The salary range estimated for this position based in Maryland is $-$.

This position may also be eligible to receive a variable annual bonus based on company, team, and/or individual performance results in accordance with company policy. We offer a comprehensive Total Rewards package that our U.S. colleagues and their families can count on, which includes:

* A choice of national medical and dental plans, and a national vision plan, including health incentive programs

* Employee assistance and family support programs, including commuter benefits and tuition reimbursement

* At least 120 hours paid time off (PTO), 10 paid holidays annually, paid parental leave (3 weeks for bonding and 8 weeks for caregiver leave), accident and life insurance, and short- and long-term disability in accordance with company policy

* Retirement and savings programs, such as our competitive 401(k) U.S. retirement savings plan

* Employees' Stock Purchase Plan (ESPP) offers eligible colleagues the opportunity to purchase company stock at a discount

For more information on our benefits, please visit: