Corporate Security Architect
Northwood Space
Northwood is a modern space infrastructure company bringing the benefits of space to the masses through advanced communications technology. We are building a global network of phased array ground stations that enable real-time, reliable communication for satellite missions such as national security, global connectivity, and disaster response. With a vertically integrated approach, Northwood designs, builds, and rapidly deploys scalable systems that power the next generation of space missions. If you like solving complex challenges and seeing your work deployed around the world with real impact, Northwood is the place to do it. Role: As Corporate Security Architect, you will own the design and implementation of Northwood's identity architecture, ensuring that access to corporate systems, cloud environments, and sensitive government workloads is governed by robust, auditable, and least-privilege controls. This is a mid-level individual contributor role for an engineer with deep Okta expertise and a strong foundation in IAM architecture, SSO, and role-based access control across complex hybrid environments. You will serve as Northwood's IAM subject-matter expert, designing and maintaining the identity fabric that connects corporate users, contractors, and service accounts to the tools and systems they need — while enforcing the access boundaries required for CUI handling, ITAR compliance, and CMMC Level 2 certification. This role works in close partnership with the Security Engineering Lead, Security Operations Lead, and GRC Lead, and reports to the Head of Security. Responsibilities Identity Architecture & Okta Administration Own Northwood's Okta environment end-to-end, including tenant configuration, application integrations, lifecycle management, MFA policy enforcement, and directory synchronization. Design and maintain Northwood's SSO architecture, ensuring all corporate and government-facing applications are integrated into a consistent, auditable authentication framework. Develop and enforce adaptive authentication policies, step-up MFA configurations, and risk-based access controls aligned to the sensitivity of the systems being accessed. Manage Okta workflows and automation to support user provisioning, deprovisioning, and access change processes across the employee and contractor lifecycle. Maintain Okta system health, audit logging, and integration reliability, ensuring identity telemetry flows into Northwood's SIEM for continuous monitoring. RBAC & Access Governance Design and implement role-based access control frameworks across Northwood's corporate systems, cloud environments, and government workloads, ensuring access is granted on a least-privilege and need-to-know basis. Define and maintain role taxonomies, access request workflows, and entitlement review processes that satisfy CMMC, FedRAMP, and NIST 800-171 access control requirements. Conduct periodic access reviews and certification campaigns, working with system owners to validate that entitlements remain appropriate and revoke unnecessary access. Develop and maintain access control documentation, including role definitions, provisioning procedures, and audit evidence required for compliance assessments. Enforce segregation of duties controls across critical systems, identifying and remediating access conflicts that create compliance or operational risk. MDM Management & Provisioning Architect, deploy, and manage a unified Mobile Device Management (MDM) solution across macOS, Windows, Linux, and iOS/Android endpoints, ensuring consistent security baselines and configuration compliance across all device types. Establish and maintain OS-level hardening benchmarks (CIS, DISA STIG) across macOS, Windows, and Linux endpoints, translating requirements into enforced MDM policies and automated remediation workflows. Define and enforce MDM configuration profiles, compliance policies, and conditional access rules across all managed platforms in alignment with CMMC, NIST 800-53, and organizational security standards. SSO & Application Integration Lead SSO onboarding for new SaaS applications, internal tools, and government-facing platforms, ensuring integrations conform to Northwood's authentication standards and security policies. Evaluate and enforce SAML, OIDC, and OAuth 2.0 implementation standards across integrated applications, identifying and remediating misconfigurations that introduce identity risk. Partner with the Security Engineering Lead to ensure Okta log ingestion, anomaly detection, and identity-based alerting are functioning and continuously tuned within the SIEM environment. Support integration of identity controls with endpoint management platforms, ensuring device trust policies are enforced as part of access decisions. Privileged Access & Secrets Management Design and maintain privileged access management controls for administrative accounts, service accounts, and break-glass access procedures across corporate and government environments. Define and enforce service account governance standards, including credential rotation policies, least-privilege scoping, and audit logging requirements. Collaborate with the Product Security Lead on secrets management integration with identity controls, ensuring service-to-service authentication conforms to zero-trust principles. Compliance & Cross-Functional Collaboration Ensure Northwood's IAM environment satisfies access control requirements across CMMC Level 2, FedRAMP, SOC 2, and ITAR, providing audit evidence and control documentation to the GRC Lead as needed. Partner with the GRC Lead to support access control‑related audit activities, including evidence collection, assessor walkthroughs, and remediation of identified deficiencies. Collaborate with the network engineering team to ensure identity-aware network access controls and Zero Trust policies are consistently enforced across Cloudflare and on‑premises environments. Develop and maintain IAM architecture documentation, including data flow diagrams, integration maps, and access control matrices that reflect Northwood's current environment. Basic Qualifications 3+ years of hands‑on IAM engineering experience, with demonstrated ownership of Okta administration in a production environment. Deep Okta expertise, including SSO configuration, lifecycle management, MFA policy enforcement, adaptive authentication, Okta Workflows, and SIEM log integration. Strong understanding of SSO protocols including SAML 2.0, OIDC, and OAuth 2.0, with hands‑on experience troubleshooting and hardening integrations. Experience designing and implementing RBAC frameworks, including role taxonomy development, entitlement reviews, and access certification processes. Familiarity with privileged access management concepts, including service account governance, least-privilege enforcement, and administrative access controls. Understanding of IAM requirements within government compliance frameworks, including NIST 800‑171 access control and identification and authentication control families. Experience integrating identity platforms with endpoint management, cloud environments, and security monitoring tooling. Ability to obtain and maintain a TS/SCI clearance. U.S. citizenship or status as a lawful permanent resident required to conform with ITAR export regulations. Preferred Qualifications Active TS clearance or higher. Experience operating Okta in AWS GovCloud or Microsoft GCC environments, including tenant configuration for government workload access controls. Familiarity with Okta Identity Governance (OIG) or similar identity governance and administration (IGA) platforms. Experience with Cloudflare Zero Trust access policies and integration with Okta for identity‑aware network access enforcement. Hands‑on experience with privileged access management platforms such as CyberArk, BeyondTrust, or equivalent. Background in aerospace, defense, critical infrastructure, or other government‑adjacent regulated environments. Experience supporting CMMC, FedRAMP, or SOC 2 audits in an IAM engineering capacity. Okta Certified Administrator, Okta Certified Professional, or equivalent identity platform certification. CISSP, CISM, or equivalent professional security certification. Additional Requirements This position requires successfully obtaining and maintaining a Top Secret Security Clearance as a condition of employment. While the clearance may not be immediately necessary upon hire, we encourage you to initiate the application process promptly upon accepting this offer. Your ability to secure the necessary clearance is essential for fulfilling key responsibilities of the role. Should you be unable to obtain it, Northwood Space reserves the right to modify or terminate your employment to align with optional needs. Additional Information If you need a reasonable accommodation as part of your application for employment or interviews with us, please let us know. To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Northwood Space is an Equal Opportunity Employer; employment with Northwood Space is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status. #J-18808-Ljbffr Northwood Space
$120k - $175k
...Technology Cyber Security Architect Cooley is seeking a Cyber Security Architect to join the technology team. Position summary: Cooley Technology embraces a culture of customer service excellence, and all members of the department are expected to move this agenda...SuggestedFull timeTemporary workWork at officeFlexible hoursWeekend work- Cloud Software Group is looking for a Principal Security Technology Strategist to enhance customer security solutions across North America. This role is crucial for building relationships with clients, addressing their security needs, and guiding product development. Strong...SuggestedRemote job
- Citrix is looking for a Principal Security Technology Strategist to enhance security solutions for enterprise customers across North America. This role involves collaborating with sales and customers to implement strategies for secure application access, delivering technical...SuggestedRemote job
$158k - $175k
...cybersecurity infrastructure. This role serves as a senior technical expert while working closely with various departments to strengthen security posture and mitigate risks. Key responsibilities involve implementing security controls, conducting vulnerability assessments, and...Suggested- A leading healthcare technology provider based in Santa Monica, CA, is seeking a Security Architect to shape and scale their security program. You will build secure systems, develop security standards, and lead compliance initiatives while collaborating with various engineering...SuggestedFlexible hours
$131k - $169k
...Senior Security Engineer Seeking a development & cloud focused Senior Security Engineer to join our expanding security team. The... ...domains; you could be assisting with refining and investigating corporate IT security processes in the morning, reviewing a cloud hosted...Work at officeWork from homeFlexible hoursDay shift- The Aerospace Corporation in El Segundo, California, is seeking a highly experienced system security engineer to enhance security throughout the system development life cycle. The position requires at least 10 years of relevant experience, competency in managing security...Relocation packageFlexible hours
$155.7k - $208.7k
The Walt Disney Company (France) seeks a Sr. Manager, Systems Engineering in Glendale, CA, to lead the architecture of core Global Security technology platforms. This position requires over 10 years of experience in security systems architecture and deep expertise in...- An innovative security consultancy is seeking an IT Training Specialist in Los Angeles to support its Information Security Program. This... ...developing IT solutions while serving as a liaison between IT architects and security engineering teams. The ideal candidate will...
- Banc of California is seeking a VP, Lead Security Risk Analyst in Los Angeles. This role leads enterprise-wide Information Security risk initiatives, ensuring that security principles are integrated into business decisions. The successful candidate will work closely with...
- The Walt Disney Company is seeking a Sr. Manager, Systems Engineering focused on Global Security Design & Engineering in Glendale, California. This role is essential to developing and governing the architecture of security technology platforms for the company, requiring...
$136k - $197k
Google Inc. is seeking an experienced professional in Los Angeles to lead information security and data access management initiatives. The role demands extensive experience in security, data protection, and navigating business structures. Ideal candidates will have a Bachelor...$165k - $180k
...supportive culture. If you aspire to be the best, and work with the best, this is where you belong. About the Role The Enterprise Security Engineer is an integral part of Latham’s Global Security and Risk Management team. This role will be responsible for solving highly...Work at officeFlexible hours- A global professional services firm is seeking a Cloud Security Consultant to enhance the security posture of applications hosted on Microsoft Azure. The role involves guiding the implementation of CNAPP technology, performing security assessments, and collaborating with...Flexible hours
- Exciting Splunk SIEM Security Engineer/Architect contract opportunity. Requirements 3 plus years of experience in Spunk (SIEM) Security Enterprise: architecting, configuring, deploying, and customizing the tool, preferably both in supporting the application and utilizing...Contract work
- A technology company is seeking a detail-oriented Cloud Security Specialist to enhance security across cloud environments. Responsibilities include designing security solutions, monitoring incidents, and developing compliance policies. Ideal candidates should have a degree...Flexible hours
$170.6k - $390k
...Cybersecurity consulting practice – the best place in the world to grow your career in information security! The opportunity The Senior Network Security Architect is a strategic and hands‑on technical leader responsible for designing, implementing, and governing...Summer holidayRemote workFlexible hours- Latham & Watkins in Downtown Los Angeles is seeking an Enterprise Security Engineer to handle complex security and technology problems. This role involves assessing and implementing security capabilities, ensuring that business outcomes are achieved safely. Candidates...Flexible hours
- A leading security organization in Los Angeles is seeking an Enterprise Security Engineer to implement and manage security measures for internal systems. The successful candidate will work closely with IT and Security teams, develop security capabilities, enforce policies...
- Overview About the job About The Team Within the OpenAI Security organization, our IT team works to ensure our team of researchers, engineers, and staff have the tools they need to work comfortably, securely, and with minimal interruptions. As an Enterprise Security Engineer...
- A cybersecurity solutions firm in California is seeking a Splunk SIEM Security Engineer/Architect. The ideal candidate will have over 3 years of experience in architecting and configuring Splunk, along with skills in security analysis and managing a Splunk environment....Contract work
- ...Enterprise Architect Employment Type: Full-Time, Senior-Level CGS is seeking an experienced senior-level Information Technology... ...service, Broadworks, Polycomm, BlackBerry, Apple iOS, information security, wireless technologies, system networking, etc....Full timeFor subcontractorRemote workFlexible hours
$117.1k - $187.3k
...learn more, please see . SUMMARY As a Senior Enterprise Architect within Commercial IT, you will help shape the future of... ...engineering leaders, Enterprise Architecture, Data, ERP, Commerce, Security, and business partners to define target-state CRM architecture...Live inLocal areaWorldwide- ...Enterprise Architect These resources will be providing architectural support for enterprise programs through impact analysis, solutions... ...across the organization. Cloud solution patterns, cloud security, resiliency & observability, CMM architecture review, and...
$115.8k - $202.7k
...you can make your mark as an Enterprise Architect at MMA. Marsh McLennan Agency (MMA) provides... ...domain(s) to effectively support the corporate business strategy. Provide critical... ...for development, quality assurance, security, and service on-boarding Keep current...Minimum wageLocal areaRemote workNight shift- ...learn more, please see What you'll do here: As an Enterprise Architect in our Cengage Digital organization, you will be responsible... ...Certification is a plus Proven track record to design and build scalable, secure, high-availability enterprise systems, leveraging CI/CD...Work experience placementLive inLocal areaWorldwide
$150.16k
...Job Description CDM Smith is seeking a Lead Enterprise Architect to join our Corporate Business Technology team. In this role, you will be... ...business and technology stakeholders to deliver scalable, secure, and integrated solutions across the enterprise application...H1bRemote work$152k - $262k
LMI Government Consulting is looking for a skilled Space Enterprise Architecture SME in El Segundo, CA. The role involves advising the USSF SSC customers on architectural analysis and technical discussions. Candidates should have a bachelor's or master's degree in a STEM...- West Monroe is seeking a Microsoft 365 Experienced Consultant to join their Enterprise Technology team. This role involves designing secure, scalable IT solutions to enhance client operations using Microsoft 365, IAM, and automation tools. The ideal candidate will have 1...Flexible hours
- A leading technology consultancy is seeking an Agentic Developer in Los Angeles. This role focuses on creating and modernizing production-grade software using large language models as a primary development interface. Ideal candidates possess a strong software engineering...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Corporate Security Architect. Be the first to apply!

