Work Schedule
Standard (Mon-Fri)
Environmental Conditions
Office
Job Description
Job Description
Join Thermo Fisher Scientific as a Senior Staff IT Architect and lead the Federation Services pillar within our Identity and Access Management (IAM) team. In this high-impact role, you will shape the future of identity-driven access for ~140,000 employees and thousands of applications in a hybrid Active Directory and Entra ID environment. You will drive strategy, design, and governance for enterprise Single Sign-On (SSO), with the goal of enabling seamless and secure login to the organization's business applications.
Key Responsibilities:
- Provide strategic leadership for the design, implementation, and governance of the Federation Services pillar within IAM.
- Develop and maintain a comprehensive roadmap aligned with organizational priorities and industry best practices.
- Effectively communicate and demonstrate the value of IAM and Federation services to stakeholders at all levels of the organization.
- Develop and track metrics that demonstrate the health, stability, and business value of the Federation service.
- Ensure service availability and compliance with security and regulatory requirements.
- Ensure IAM solutions meet business security and regulatory requirements.
- Drive engineering efforts for IAM integrations across enterprise platforms.
- Collaborate with vendors and evaluate technologies to strengthen Federation services
- Partner with cross-functional teams to design and maintain efficient, scalable programs.
Preferred Qualifications:
- Bachelor’s degree in computer science, Information Systems, or related field (or equivalent experience).
- Expertise in enterprise SSO technologies (SAML 2.0, OpenID Connect, etc.) and identity solutions like Entra ID.
- Familiarity with user provisioning (SCIM), Active Directory, and application authorization models.
- Confidence in managing an Entra ID Conditional Access chain of moderate complexity, including documenting, requesting, testing, and performing changes to the chain as IT security requirements evolve.
- Knowledge of application deployment best practices, including hosting, DNS, SSL, and session cookies.
- Experience deploying SaaS and on-premise applications.
- Strong troubleshooting skills for web applications and SSO issues.
- Proficiency with scripting (PowerShell) and exposure to software development.
- Knowledge of ServiceNow automation and change management processes.
- Experience with AI-powered development tools (e.g., GitHub Copilot).
- Excellent communication and collaboration skills.
Compensation and Benefits
The salary range estimated for this position based in Maryland is $143,000.00–$190,650.00.
This position may also be eligible to receive a variable annual bonus based on company, team, and/or individual performance results in accordance with company policy. We offer a comprehensive Total Rewards package that our U.S. colleagues and their families can count on, which includes:
A choice of national medical and dental plans, and a national vision plan, including health incentive programs
Employee assistance and family support programs, including commuter benefits and tuition reimbursement
At least 120 hours paid time off (PTO), 10 paid holidays annually, paid parental leave (3 weeks for bonding and 8 weeks for caregiver leave), accident and life insurance, and short- and long-term disability in accordance with company policy
Retirement and savings programs, such as our competitive 401(k) U.S. retirement savings plan
Employees’ Stock Purchase Plan (ESPP) offers eligible colleagues the opportunity to purchase company stock at a discount
For more information on our benefits, please visit: https://jobs.thermofisher.com/global/en/total-rewards