Corporate Security Architect

About Northwood

Northwood is a modern space infrastructure company focused on connecting space and Earth. The world runs on space. Space will run on Northwood. Our global ground network ensures that missions ranging from national security, to global connectivity, to disaster response can unlock their full potential and operate every day without fail.

As Corporate Security Architect, you will own the design and implementation of Northwood's identity architecture, ensuring that access to corporate systems, cloud environments, and sensitive government workloads is governed by robust, auditable, and least-privilege controls. This is a mid-level individual contributor role for an engineer with deep Okta expertise and a strong foundation in IAM architecture, SSO, and role-based access control across complex hybrid environments.

You will serve as Northwood's IAM subject‑matter expert, designing and maintaining the identity fabric that connects corporate users, contractors, and service accounts to the tools and systems they need — while enforcing the access boundaries required for CUI handling, ITAR compliance, and CMMC Level 2 certification. This role works in close partnership with the Security Engineering Lead, Security Operations Lead, and GRC Lead, and reports to the Head of Security.

• Own Northwood's Okta environment end-to-end, including tenant configuration, application integrations, lifecycle management, MFA policy enforcement, and directory synchronization.
• Design and maintain Northwood's SSO architecture, ensuring all corporate and government‑facing applications are integrated into a consistent, auditable authentication framework.
• Develop and enforce adaptive authentication policies, step‑up MFA configurations, and risk‑based access controls aligned to the sensitivity of the systems being accessed.
• Manage Okta workflows and automation to support user provisioning, deprovisioning, and access change processes across the employee and contractor lifecycle.
• Maintain Okta system health, audit logging, and integration reliability, ensuring identity telemetry flows into Northwood's SIEM for continuous monitoring.

• Design and implement role‑based access control frameworks across Northwood's corporate systems, cloud environments, and government workloads, ensuring access is granted on a least‑privilege and need-to‑know basis.
• Define and maintain role taxonomies, access request workflows, and entitlement review processes that satisfy CMMC, FedRAMP, and NIST 800‑171 access control requirements.
• Conduct periodic access reviews and certification campaigns, working with system owners to validate that entitlements remain appropriate and revoke unnecessary access.
• Develop and maintain access control documentation, including role definitions, provisioning procedures, and audit evidence required for compliance assessments.
• Enforce segregation of duties controls across critical systems, identifying and remediating access conflicts that create compliance or operational risk.

• Architect, deploy, and manage a unified Mobile Device Management (MDM) solution across macOS, Windows, Linux, and iOS/Android endpoints, ensuring consistent security baselines and configuration compliance across all device types.
• Establish and maintain OS‑level hardening benchmarks (CIS, DISA STIG) across macOS, Windows, and Linux endpoints, translating requirements into enforced MDM policies and automated remediation workflows.
• Define and enforce MDM configuration profiles, compliance policies, and conditional access rules across all managed platforms in alignment with CMMC, NIST 800‑53, and organizational security standards.

• Lead SSO onboarding for new SaaS applications, internal tools, and government‑facing platforms, ensuring integrations conform to Northwood's authentication standards and security policies.
• Evaluate and enforce SAML, OIDC, and OAuth 2.0 implementation standards across integrated applications, identifying and remediating misconfigurations that introduce identity risk.
• Partner with…