Principal Architect - Identity, Data Modeling, and Platform APIs

Job Description
Step into the role of a Principal Architect at JPMorganChase and become a driving force behind the development and adoption of cutting-edge, cloud-based technologies.
As a Principal Architect at JPMorganChase within the Core Infrastructure Platforms Architecture team you provide expertise to enhance and develop architecture platforms based on modern cloud-based technologies, as well as support the adoption of strategic global solutions. Leverage your advanced architecture capabilities and collaborate with colleagues across the organization to drive best-in-class outcomes. You will design the data and API foundations that connect identity, authority, ownership, and permission to workload deployment on IaaS platforms and hypervisors. This is a senior individual contributor role, focused on rigorous data modeling, software and API design, and identity architectures in a large, regulated financial environment. You will define canonical models and service contracts, ensure designs meet regulatory and control requirements, and partner closely with platform, engineering, and development teams.
Job responsibilities

• Defines and owns canonical data models capturing identity, authority, ownership, and permissions across compute, storage, and network resources; model relationships among people, services, applications, and infrastructure assets.
• Designs and evolves APIs and service contracts for entitlements and workload onboarding to IaaS and hypervisor platforms; establish versioning, compatibility, lifecycle, and governance for these interfaces.
• Architects identity-aware provisioning flows and guardrails: integrate with directory and identity systems (e.g., Kerberos, Active Directory), enforce RBAC/ABAC, separation of duties, least privilege, and auditable change.
• Establishes and maintains data structures used for technology governance (e.g., product catalogs, inventories/CMDB, configuration attributes, organizational hierarchies) with clear sources of truth, lineage, and stewardship.
• Embeds compliance and controls into designs: evidence and traceability for regulatory obligations on identity, access management, and operational risk; align with firm policies and applicable regulations.
• Partners with platform teams (hypervisors, IaaS, Kubernetes) and application developers to ensure secure, operable, and scalable workload deployment patterns; produce reference architectures, patterns, and reusable templates.
• Defines policies and policy-as-code approaches for identity, authorization, configuration, and change; integrate controls into CI/CD and provisioning pipelines.
• Drives data quality and observability for governance datasets: schemas, validations, metadata, golden records, reconciliation, and reporting.
• Conducts architecture/design reviews; document decisions, risks, exceptions/waivers, and remediation plans; present in governance forums.
• Promotes effective ways of working: help organize team backlogs and ceremonies, ensure Jira/Kanban hygiene, run stand-ups, and track delivery metrics to keep the team productive.
• Mentors engineers and architects; foster a collaborative, low-ego, outcome-focused culture.

Required qualifications, capabilities, and skills

• Formal training or certification on software Infrastructure Architecture concepts and expert applied experience
• Extensive experience architecting in large, complex, regulated financial services environments, including identity-centric designs and production delivery.
• Deep expertise in enterprise identity management and directory services, including:
• Kerberos and Active Directory (forests/domains, trusts, group nesting, SPNs, constrained delegation, service accounts, PKI).
• Authorization models and controls (RBAC, ABAC, policy evaluation, least privilege, privileged access, break-glass, JIT access).
• Strong data modeling skills (relational, hierarchical, graph) and schema design for governance datasets (product catalogs, CMDB/inventory, configuration attributes, organizational structures).
• Professional software and API design experience: REST/gRPC API design, versioning and compatibility strategies, service contracts, error models, pagination, performance, and security.
• Hands-on understanding of IaaS and hypervisor platforms and how identity/authorization integrates with provisioning, lifecycle, and operations.
• Demonstrated ability to embed regulatory, risk, and control requirements into architecture and provide audit-ready evidence and traceability.
• Excellent communication and stakeholder management; able to collaborate deeply with developers and platform engineers to deliver pragmatic solutions.

Preferred qualifications, capabilities, and skills

• Experience with policy-as-code and controls (e.g., OPA, Conftest, Sentinel) and mapping to control frameworks.
• Familiarity with Kubernetes platform identity (workload identity, service accounts), service meshes, and identity-aware networking.
• Experience with data governance practices: stewardship models, MDM, reference data, lineage, and reconciliation.
• Background in secrets management, mTLS/PKI, and certificate lifecycle for services.
• Track record improving team productivity via agile ways of working, backlog management, and delivery metrics.
• Relevant certifications (e.g., identity/directory, security, architecture).

About Us
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
About the Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.