About Convatec
Pioneering trusted medical solutions to improve the lives we touch: Convatec is a global medical products and technologies company, focused on solutions for the management of chronic conditions, with leading positions in Advanced Wound Care, Ostomy Care, Continence Care, and Infusion Care. With more than 10,000 colleagues, we provide our products and services in around 90 countries, united by a promise to be forever caring. Our solutions provide a range of benefits, from infection prevention and protection of at-risk skin, to improved patient outcomes and reduced care costs. Convatec’s revenues in 2024 were over $2 billion. The company is a constituent of the FTSE 100 Index (LSE:CTEC). To learn more please visit http://www.convatecgroup.com
Your focus would be to provide strength and skills in Digital Workplace and Identity management. The Architect would support projects and initiatives and act as a bridge between Solution Architecture, Platform Architecture, IT Delivery (Engineering) and IT Operations.
Key duties and responsibilities
Design scalable, API-led architectures using REST, GraphQL, middleware, microservices and event-driven patterns.
Design and develop comprehensive digital workplace architectures that align with the organization's strategic goals and objectives.
Lead the evaluation, selection, and implementation of digital workplace tools, including collaboration platforms, communication tools, and productivity applications.
AI Integration: Leveraging AI and machine learning to enhance identity verification and fraud detection.
Behavioural Analytics: Using behavioural analytics to identify and respond to unusual access patterns.
Zero Trust Principles: Implementing Zero Trust principles to ensure secure access to resources regardless of the location of the user.
Produce high-quality HLA and HLD documentation and oversee adherence throughout project delivery.
Work closely with product owners, engineering leads and vendors to define architectural runway for digital and commercial products.
Facilitate vendor selection, RFP responses, and total cost of ownership (TCO) analysis for new digital and commercial technologies.
Advocate and embed privacy-by-design, security-by-design and AI-by-design principles.
Provide architectural guidance to delivery teams and act as Technical Design Authority (TDA) for commercial solutions.
Contribute to maturity assessments and future-state models for Convatec’ s digital and commercial technology landscape.
Skills & experience
Understanding IAM Principles: Knowledge of fundamental IAM concepts such as authentication, authorization, user provisioning, and de-provisioning is crucial.
Implementation of IAM Solutions: Proficiency in implementing IAM solutions using tools like Okta, Microsoft Azure AD, Azure B2C and SailPoint.
Implementation of Privilege Access Management Solutions: Proficiency in implementing PAM solutions using tools like Okta, Microsoft Azure AD, Delinea, Salesforce or Omada
Expertise in Directory Services: Experience with directory services like Active Directory, Active Directory Federation Services, Entra AD, Azure B2C and LDAP, including their integration and management.
Schema Management: Ability to design and manage directory schema to support business requirements.
Role Based Access: Knowledge of fundamental Role Based Access concepts and best practices is crucial.
MS Exchange: Proficiency in Microsoft Exchange and Exchange online on hybrid environments.
Transactional email: Knowledge of transactional email concepts and platforms like Postfix, Postmark and Mailchimp.
Teams Voice and Collaboration: Knowledge of Office 365 services such as Copilot, SharePoint, OneDrive, Teams services and endpoint devices, Teams voice services, protocols and hybrid infrastructure architecture.
Familiarity with Security Protocols: Knowledge of protocols like SAML, OAuth, OpenID Connect, LDAP, DMARC, DKIM, SPF and RADIUS is essential for securing communications.
Private Key Infrastructure: Knowledge of Microsoft PKI services both on premise and on Azure Cloud.
Compliance and Standards: Understanding of industry standards and compliance requirements such as GDPR, HIPAA, and NIST.
Knowledge of MECM: Proficiency in SCCM and Intune service deployments and integrations such as Patch My PC.
Mobile Device Management: Knowledge mobile device management tools such as Microsoft Intune, Apple Business Manager or MaaS360.
Programming Languages: Proficiency in languages such as Java, Python, and C# for developing customized identity solutions.
Scripting Skills: Knowledge of scripting for automation and integration, using tools like PowerShell and Batch.
Enterprise Mobility: Knowledge of mobile device management (MDM) and enterprise mobility management (EMM) solutions.
Networking: Understanding of network architecture, including VPNs, firewalls, SIP and LAN/WAN configurations.
Cybersecurity: Familiarity with cybersecurity principles and tools, such as endpoint security, identity and access management (IAM), privilege access management and data protection.
Virtualization and VDI: Experience with virtualization technologies and virtual desktop infrastructure (VDI) solutions, such as Azure Virtual Desktop, AWS Workspaces, VMware and Citrix.
Automation and Scripting: Ability to write scripts and automate tasks using PowerShell, Python, or similar languages.
Knowledge of ServiceNow for customer service, case management and workflow automation.
Deep understanding of APIs, GraphQL, microservices, middleware, ESB patterns (Azure Integration Services preferred).
Experienced in creating HLAs and HLDs to a very high standard, operating independently and proactively.
Strong communication skills working with PMs, BAs, engineering teams, C-suite, and business leaders globally.
Experience with enterprise cloud platforms such as Azure, AWS or GCP.
Technical competencies
Architecture modelling (C4, ArchiMate or equivalent).
Understanding of DevOps practices, CI/CD, cloud hosting models and containerisation.
Good understanding of web technologies, headless architecture, Jamstack, React, Next.js, or similar.
Familiarity with enterprise data governance, privacy, security controls and compliance frameworks.
Understanding of SDLC methodologies: agile, SAFe, waterfall, DevOps.
At Convatec, we’re pioneering trusted medical solutions to improve the lives we touch. If you’re ready to make a real impact, apply today and help us bring our Forever Caring promise to life.
#LI-SA1
#LI-Hybrid
Beware of scams online or from individuals claiming to represent Convatec
A formal recruitment process is required for all our opportunities prior to any offer of employment. This will include an interview confirmed by an official Convatec email address.
If you receive a suspicious approach over social media, text message, email or phone call about recruitment at Convatec, do not disclose any personal information or pay any fees whatsoever. If you’re unsure, please contact us at careers@Convatec.com.
Equal opportunities
Convatec provides equal employment opportunities for all current employees and applicants for employment. This policy means that no one will be discriminated against because of race, religion, creed, color, national origin, nationality, citizenship, ancestry, sex, age, marital status, physical or mental disability, affectional or sexual orientation, gender identity, military or veteran status, genetic predisposing characteristics or any other basis prohibited by law.
Notice to Agency and Search Firm Representatives
Convatec is not accepting unsolicited resumes from agencies and/or search firms for this job posting. Resumes submitted to any Convatec employee by a third party agency and/or search firm without a valid written and signed search agreement, will become the sole property of Convatec. No fee will be paid if a candidate is hired for this position as a result of an unsolicited agency or search firm referral. Thank you.
Already a Convatec employee?
If you are an active employee at Convatec, please do not apply here. Go to the Career Worklet on your Workday home page and View "Convatec Internal Career Site - Find Jobs". Thank you!