Principal Architect — Identity, Data Modeling, and Platform APIs
J.P. Morgan
Step into the role of a Principal Architect at JPMorganChase and become a driving force behind the development and adoption of cutting-edge, cloud-based technologies.
As a Principal Architect at JPMorganChase within the Core Infrastructure Platforms Architecture team, you provide expertise to enhance and develop architecture platforms based on modern cloud-based technologies, as well as support the adoption of strategic global solutions. Leverage your advanced architecture capabilities and collaborate with colleagues across the organization to drive best-in-class outcomes. You will design the data and API foundations that connect identity, authority, ownership, and permission to workload deployment on IaaS platforms and hypervisors. This is a senior individual contributor role, focused on rigorous data modeling, software and API design, and identity architectures in a large, regulated financial environment. You will define canonical models and service contracts, ensure designs meet regulatory and control requirements, and partner closely with platform, engineering, and development teams.
Job responsibilities
- Defines and owns canonical data models capturing identity, authority, ownership, and permissions across compute, storage, and network resources; models relationships among people, services, applications, and infrastructure assets.
- Designs and evolves APIs and service contracts for entitlements and workload onboarding to IaaS and hypervisor platforms; establishes versioning, compatibility, lifecycle, and governance for these interfaces.
- Architects identity‑aware provisioning flows and guardrails: integrates with directory and identity systems (e.g., Kerberos, Active Directory), enforces RBAC/ABAC, separation of duties, least privilege, and auditable change.
- Establishes and maintains data structures used for technology governance (e.g., product catalogs, inventories/CMDB, configuration attributes, organizational hierarchies) with clear sources of truth, lineage, and stewardship.
- Embeds compliance and controls into designs: evidence and traceability for regulatory obligations on identity, access management, and operational risk; aligns with firm policies and applicable regulations.
- Partners with platform teams (hypervisors, IaaS, Kubernetes) and application developers to ensure secure, operable, and scalable workload deployment patterns; produces reference architectures, patterns, and reusable templates.
- Defines policies and policy‑as‑code approaches for identity, authorization, configuration, and change; integrates controls into CI/CD and provisioning pipelines.
- Drives data quality and observability for governance datasets: schemas, validations, metadata, golden records, reconciliation, and reporting.
- Conducts architecture/design reviews; documents decisions, risks, exceptions/waivers, and remediation plans; presents in governance forums.
- Promotes effective ways of working: helps organize team backlogs and ceremonies, ensures Jira/Kanban hygiene, runs stand‑ups, and tracks delivery metrics to keep the team productive.
- Mentors engineers and architects; fosters a collaborative, low‑ego, outcome‑focused culture.
Required qualifications, capabilities, and skills
- Formal training or certification on software Infrastructure Architecture concepts and expert applied experience
- Extensive experience architecting in large, complex, regulated financial services environments, including identity‑centric designs and production delivery.
- Deep expertise in enterprise identity management and directory services, including:
  - Kerberos and Active Directory (forests/domains, trusts, group nesting, SPNs, constrained delegation, service accounts, PKI).
  - Authorization models and controls (RBAC, ABAC, policy evaluation, least privilege, privileged access, break‑glass, JIT access).
- Strong data modeling skills (relational, hierarchical, graph) and schema design for governance datasets (product catalogs, CMDB/inventory, configuration attributes, organizational structures).
- Professional software and API design experience: REST/gRPC API design, versioning and compatibility strategies, service contracts, error models, pagination, performance, and security.
- Hands‑on understanding of IaaS and hypervisor platforms and how identity/authorization integrates with provisioning, lifecycle, and operations.
- Demonstrated ability to embed regulatory, risk, and control requirements into architecture and provide audit‑ready evidence and traceability.
- Excellent communication and stakeholder management; able to collaborate deeply with developers and platform engineers to deliver pragmatic solutions.
- Experience with policy‑as‑code and controls (e.g., OPA, Conftest, Sentinel) and mapping to control frameworks.
- Familiarity with Kubernetes platform identity (workload identity, service accounts), service meshes, and identity‑aware networking.
- Experience with data governance practices: stewardship models, MDM, reference data, lineage, and reconciliation.
- Background in secrets management, mTLS/PKI, and certificate lifecycle for services.
- Track record improving team productivity via agile ways of working, backlog management, and delivery metrics.
- Relevant certifications (e.g., identity/directory, security, architecture).
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.
Design and architect secure, scalable data and API foundations for identity and governance in a leading financial environment.


