State Street

financial-services

Domain Architect, Identity

$170–283k · Quincy, Massachusetts, United States · FULL TIME · Remote Friendly

The Brief

“Domain Architect, Identity at State Street. Skills: Identity domain target architecture, IAM, IGA, PAM, CIAM, machine and non-human identities, federation, authorization services, Zero Trust objectives, cloud-native identity, passwordless authentication, identity orchestration, non-human identity, service accounts, secrets management, agentic / AI identity patterns. Own the enterprise Identity domain target architecture, including IAM, IGA, PAM, CIAM, machine and non-human identities, federation”

What You'll Achieve.

defining and driving the target-state architecture for Identity & Access Management across the enterprise; ensuring identity capabilities scale securely, consistently, and in line with enterprise and regulatory expectations; architectural intent is realized consistently in delivery

Industry & Context.

financial services

What They're Looking For.

Must Have

  • 15+ years of experience in Identity & Access Management, security architecture, or enterprise architecture in large, regulated environments
  • Deep hands-on architectural expertise across IAM, PAM, CIAM, federation, directories, authorization, and cloud identity
  • Demonstrated experience defining and governing domain architectures at enterprise scale
  • Understanding of regulatory, audit, and risk considerations in financial services

Nice to Have

CISSP, CISM, CCSP, TOGAF, or equivalent practical experience

What You'll Do.

Own the enterprise Identity domain target architecture, including IAM, IGA, PAM, CIAM, machine and non-human identities, federation, and authorization services

Define and maintain Identity reference architectures, design patterns, and architectural principles, ensuring alignment with enterprise standards and Zero Trust objectives

Serve as the final design authority for material identity solutions and major identity-related programs

Translate business, regulatory, and cybersecurity strategy into a clear, sequenced Identity architecture roadmap

Partner with IAM product, engineering, and operations leaders to ensure architectural intent is realized consistently in delivery

Guide modernization initiatives including platform rationalization, cloud-native identity, passwordless authentication, and identity orchestration

Operate as the Identity Domain counterpart to Central Enterprise Architecture, ensuring alignment while defending domain-specific architectural needs

Escalate and arbitrate design decisions that have enterprise-wide risk, cost, or precedent implications

Contribute identity expertise to Architecture Review Boards (ARB) and Technology Review Boards (TRB)

Ensure Identity architectures align with financial-services regulatory expectations and internal risk frameworks

Embed security-by-design

and auditability across all identity patterns

Act as a trusted architectural partner in regulatory discussions where identity design is material to outcomes

Provide architectural leadership for non-human identity

and agentic / AI identity patterns

Continuously assess emerging identity standards

and industry practices

incorporating them where strategically appropriate

How You'll Work.

Team & Collaboration

Partner with IAM product, engineering, and operations leaders; Operate as the Identity Domain counterpart to Central Enterprise Architecture; Contribute identity expertise to Architecture Review Boards (ARB) and Technology Review Boards (TRB); Act as a trusted architectural partner in regulatory discussions

Communication Scope

Influence senior stakeholders across technology, cybersecurity, and the business without direct authority; Represent the Identity architecture function with credibility at managing director, executive, and board-adjacent levels

Full Job Description

The Managing Director, Domain Architect – Identity is the senior-most architectural authority for the Identity domain, accountable for defining and driving the target-state architecture for Identity & Access Management across the enterprise. This role provides deep architectural leadership across workforce IAM, privileged access, customer and partner identity, machine and workload identity, and emerging agentic / AI-driven identity use cases.

The role is intentionally architecture-led rather than operations-led. The Managing Director acts as the design authority and strategic advisor to the Head of IAM, technology leadership, and cybersecurity executives—ensuring identity capabilities scale securely, consistently, and in line with enterprise and regulatory expectations.

Key Responsibilities

Domain Architecture Leadership

  • Own the enterprise Identity domain target architecture, including IAM, IGA, PAM, CIAM, machine and non-human identities, federation, and authorization services.
  • Define and maintain Identity reference architectures, design patterns, and architectural principles, ensuring alignment with enterprise standards and Zero Trust objectives.
  • Serve as the final design authority for material identity solutions and major identity-related programs.

Strategy to Execution

  • Translate business, regulatory, and cybersecurity strategy into a clear, sequenced Identity architecture roadmap.
  • Partner with IAM product, engineering, and operations leaders to ensure architectural intent is realized consistently in delivery.
  • Guide modernization initiatives including platform rationalization, cloud-native identity, passwordless authentication, and identity orchestration.

Enterprise & Central EA Collaboration

  • Operate as the Identity Domain counterpart to Central Enterprise Architecture, ensuring alignment while defending domain-specific architectural needs.
  • Escalate and arbitrate design decisions that have enterprise-wide risk, cost, or precedent implications.
  • C

How to Apply on Workday

  • Workday has a multi-step form — save your progress after every section.
  • "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
  • Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
  • Job requisition numbers are useful when following up with HR by email.
