Corporate Security Architect

Corporate Security Architect

Northwood is a modern space infrastructure company focused on connecting space and Earth. The world runs on space. Space will run on Northwood. Our global ground network ensures that missions ranging from national security, to global connectivity, to disaster response can unlock their full potential and operate every day without fail.

As Corporate Security Architect, you will own the design and implementation of Northwood's identity architecture, ensuring that access to corporate systems, cloud environments, and sensitive government workloads is governed by robust, auditable, and least-privilege controls. This is a mid-level individual contributor role for an engineer with deep Okta expertise and a strong foundation in IAM architecture, SSO, and role-based access control across complex hybrid environments.

You will serve as Northwood's IAM subject-matter expert, designing and maintaining the identity fabric that connects corporate users, contractors, and service accounts to the tools and systems they need — while enforcing the access boundaries required for CUI handling, ITAR compliance, and CMMC Level 2 certification. This role works in close partnership with the Security Engineering Lead, Security Operations Lead, and GRC Lead, and reports to the Head of Security.

Responsibilities

• Identity Architecture & Okta Administration
• RBAC & Access Governance
• MDM Management & Provisioning
• SSO & Application Integration
• Privileged Access & Secrets Management
• Compliance & Cross-Functional Collaboration

Basic Qualifications

• 3+ years of hands-on IAM engineering experience, with demonstrated ownership of Okta administration in a production environment.
• Deep Okta expertise, including SSO configuration, lifecycle management, MFA policy enforcement, adaptive authentication, Okta Workflows, and SIEM log integration.
• Strong understanding of SSO protocols including SAML 2.0, OIDC, and OAuth 2.0, with hands-on experience troubleshooting and hardening integrations.
• Experience designing and implementing RBAC frameworks, including role taxonomy development, entitlement reviews, and access certification processes.
• Familiarity with privileged access management concepts, including service account governance, least-privilege enforcement, and administrative access controls.
• Understanding of IAM requirements within government compliance frameworks, including NIST 800-171 access control and identification and authentication control families.
• Experience integrating identity platforms with endpoint management, cloud environments, and security monitoring tooling.
• Ability to obtain and maintain a TS/SCI clearance.
• U.S. citizenship or status as a lawful permanent resident required to conform with ITAR export regulations.

Preferred Qualifications

• Active TS clearance or higher.
• Experience operating Okta in AWS GovCloud or Microsoft GCC environments, including tenant configuration for government workload access controls.
• Familiarity with Okta Identity Governance (OIG) or similar identity governance and administration (IGA) platforms.
• Experience with Cloudflare Zero Trust access policies and integration with Okta for identity-aware network access enforcement.
• Hands-on experience with privileged access management platforms such as CyberArk, BeyondTrust, or equivalent.
• Background in aerospace, defense, critical infrastructure, or other government-adjacent regulated environments.
• Experience supporting CMMC, FedRAMP, or SOC 2 audits in an IAM engineering capacity.
• Okta Certified Administrator, Okta Certified Professional, or equivalent identity platform certification.
• CISSP, CISM, or equivalent professional security certification.