Global Identity Architect (US)
Global Identity Architect (US)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
MAIN PURPOSE
The Identity Architect will serve as the technical lead for designing building and delivering novel and greenfield enterprise identity services as part of M&A lifecycle and other strategic programs. This role is responsible for architecting a secure scalable and operationally sound Okta Microsoft Entra ID on-premises Active Directory and identity access governance & automated identity lifecycle management to support the TKO operations for global brands such as UFC WWE IMG OLE PBR and more. The architect will ensure seamless integration with cloud platforms identity providers and core business systems while maintaining alignment with security compliance and operational requirements.
WHY JOIN TKO
TKO unites three of the most recognizable brands in global sports UFC WWE and PBR with the premier hospitality brand OLE and the world-class broadcast sports and events company IMG to form a next-generation technology sports and entertainment powerhouse. As TKO prepares to separate from Endeavor and build a fresh infrastructure this is a rare opportunity to engineer core systems at scale in a greenfield environment.
Youll work with cutting-edge identity cloud and infrastructure technologies from Okta and Entra ID and enterprise automation using Workato Service Now Workday and Okta Workflows. The challenges are complex the expectations are high and the impact is real. Your work will support everything from corporate operations to global broadcasts and live events.
If you want to build something that lasts and do it with autonomy and purpose then TKO is where you want to be.
KEY RESPONSIBILITIES
- Lead the design and execution of identity services across Okta Active Directory and Microsoft Entra ID supporting the stand-up of TKOs greenfield IT environment.
- Lead and drive complex cross-enterprise identity migrations as part of M&A or divestiture programs leveraging tools such as Quest Migration Manager Quest OnDemand Migration (ODM) BitTitan MigrationWiz or equivalent platforms to ensure secure phased transitions across forests tenants and domains.
- Architect and deploy secure scalable directory structures trust relationships and authentication flows across on-prem and cloud systems.
- Own configuration and integration of Okta Identity Cloud as the primary identity provider including SSO MFA (e.g. Verify Fastpass) SCIM provisioning API provisioning and directory integrations.
- Design and operate Identity Lifecycle Management (ILM) workflows integrated with Workday ensuring automated joiner/mover/leaver processes are secure scalable and auditable.
- Architect lead and drive the development of automated identity lifecycle workflows using Workday Okta Workflows and Okta Identity Governance including access certifications and entitlement reviews.
- Design and implement AD forest/domain strategy including OU structure GPO hierarchy DNS and replication models.
- Manage and maintain Microsoft Entra ID joined devices with accountability for device compliance enrollment and configuration policies via Microsoft Intune.
- Oversee synchronization and federation patterns between Active Directory (AD) Okta and Entra ID ensuring high availability and alignment with security and compliance requirements.
- Ensure architectural decisions and implementations meet or exceed identity governance requirements aligned with SOX PCI DSS and other relevant compliance standards.
- Collaborate with Infrastructure Security and Application teams to ensure frictionless integration with enterprise systems and SaaS platforms.
- Proactively identify risks and blockers in identity architecture or execution and drive solutions forward.
- Maintain tight alignment with TKO stakeholders and cross-functional delivery teams.
- Occasionally you may be requested to travel and work long days and weekends during critical change events to support identity orchestration and migration efforts architecturally.
SKILLS & ABILITIES
- Architectural Leadership: Able to design articulate and defend identity architecture decisions across hybrid environments (Okta AD Entra ID).
- Extreme Ownership: adopts the leadership philosophy that means taking accountability for failures setbacks and results within your sphere of influence even those caused by others on your team.
- Execution-Focused: Operates with urgency and accountability; drives deliverables forward without constant oversight.
- Cross-Platform Expertise: Strong understanding of identity federation SCIM provisioning authentication protocols (SAML OIDC OAuth) and lifecycle automation.
- Analytical Thinking: Able to break down complex technical problems and deliver practical scalable solutions.
- Documentation Excellence: Produces clear detailed and professional HLDs LLDs runbooks and process diagrams.
- Mentorship & Collaboration: Capable of guiding junior engineers and collaborating effectively across infrastructure security and application teams.
- Communication: Strong written and verbal communication skills; able to influence stakeholders and explain complex concepts to technical and non-technical audiences.
- Comfort with Ambiguity: Thrives in environments where direction is still forming and able to bring structure and clarity to grey areas.
- Resilience: Maintains focus and composure under pressure in fast-moving high-visibility environments.
- Customer Orientation: Keeps business impact front of mind; balances technical excellence with pragmatic execution
Required:
- Bachelors degree in computer science Information Technology Engineering or a related field or equivalent hands-on experience.
- 8 years of experience in identity and access management enterprise infrastructure
- Demonstrated experience leading identity architecture and delivery for large-scale hybrid environments.
Hands-on expert-level proficiency with:
- Okta Identity Cloud (SSO MFA Workflows Lifecycle Management Identity Governance)
- Microsoft Active Directory (forest/domain design GPOs trusts replication)
- Microsoft Entra ID / Azure AD (hybrid join conditional access identity federation)
Desirable project experience:
- Development and operationalization of an automated identity lifecycle management (ILM) processes using Workday Okta Workflows Active Directory Microsoft Entra ID / Azure AD and Identity Governance tools.
- Successful implementation of a greenfield Okta environment including directory integration policy configuration and application onboarding.
- Experience supporting identity and access projects in regulated industries with alignment to compliance frameworks such as SOX PCI DSS or NIST.
- End-to-end participation in enterprise IAM modernization efforts such as privileged access management (PAM) privileged identity management (PIM) and phishing-resistant MFA (e.g. Microsoft Passkey FastPass Yubikey FIDO2).
- Cross-functional leadership in M&A or divestiture-driven identity migrations including TSA exit planning.
Preferred Certifications:
- Okta Certified Professional / Okta Certified Consultant
- Microsoft Certified: Identity and Access Administrator Associate (SC-300)
- Microsoft Certified: Azure Solutions Architect Expert
- Certified Information Systems Security Professional (CISSP) or GIAC certifications (IAM/GRC)
- Training or certification in Zero Trust Architecture PIM/PAM Design IAM Governance
Required Experience:
Exec
Employment Type
Full Time
