Principal, Architect, Identity

Posting Date: 4 Sept 2025

Location: Sofia, BG

Company: EBRD

Requisition ID 36000
Office Country Bulgaria
Office City Sofia
Division Information Technology  
Contract Type Fixed Term 
Contract Length 3 years 
Posting End Date  

 

 

 

 

Purpose of Job

Step into a strategic role where you'll shape the future of identity governance across the enterprise. As the Identity Solution Architect focused on IGA, you’ll lead the design and delivery of SailPoint-based solutions that drive secure, scalable, and compliant identity lifecycle management. You’ll play a central role in modernising how access is governed across cloud and on-premise environments, embedding zero-trust principles and policy-based automation into every layer of identity.

This is a hands-on architectural role for someone who combines deep technical expertise with strategic vision. You’ll define the end-to-end architecture for SailPoint and all the integrations — including access reviews, provisioning workflows, application onboarding, and role modelling — while ensuring alignment with security, compliance, and business objectives.

You’ll work closely with engineering, IAM operations, security, and application teams to guide design decisions, integrate with critical systems, and build scalable patterns that support future growth and regulatory readiness.

What you’ll drive:

  • Enterprise-wide SailPoint IGA implementations (IdentityNow or IdentityIQ)
  • Architecture for identity lifecycle management, access reviews, and policy enforcement
  • Application onboarding strategies and integration with HR systems, directories, and target apps
  • Role-based access control (RBAC) and attribute-based access control (ABAC) models
  • Automation of provisioning/deprovisioning processes and governance workflows
  • Secure integration with cloud platforms, SaaS, and federated identity providers
  • Identity data modelling, authoritative source strategy, and compliance reporting

This is your opportunity to be the architectural authority for identity governance — setting the direction, challenging legacy models, and delivering secure identity services that enable agility, compliance, and trust at scale.

Accountabilities & Responsibilities

As the Solution Architect for Platform Engineering, you will lead the strategic direction and long-term evolution of the Bank’s core technology platforms spanning cloud, on-premises compute, virtualisation, and storage infrastructure. You will be accountable for defining platform architecture strategy, ensuring that services are scalable, secure, and aligned with business and technology goals. Operating at a cross-enterprise level, you will influence major design decisions, challenge legacy patterns, and drive change in how platform capabilities are delivered and consumed.

Day-to-day responsibilities will include:

Defining and maintaining the enterprise-wide platform engineering strategy and reference architecture across compute (cloud and on-prem), storage, virtualisation, and container platforms.

Leading the modernisation and integration of on-premises infrastructure with public cloud environments, promoting hybrid or cloud-native patterns.

Driving the adoption of infrastructure as code (IaC), automation pipelines, and declarative provisioning approaches to reduce complexity and increase repeatability.

Overseeing platform decisions related to SASE, Network & Wireless, VMWare, Hyper-V, Kubernetes, and storage area networks (SAN/NAS) to ensure secure, performant environments.

Ensuring all platform designs embed security principles (e.g. zero trust, least privilege, secure boot, encryption at rest/in transit) by default.

Partnering with security, DevOps, and application teams to design platforms that support CI/CD, observability, and resilience.

Defining the architectural guardrails and technical standards for platform operations, performance monitoring, high availability, and business continuity.

Providing architectural oversight for significant change programmes involving data centre modernisation, cloud migration, or containerisation. 

Representing platform architecture in enterprise design authorities and governance boards to ensure alignment and control.

Knowledge, Skills, Experience & Qualifications

  • Strong ability to communicate complex technical concepts clearly, both in written and verbal formats, particularly when engaging with stakeholders 
  • Experience in capturing technical requirements and documenting them in written and pictorial (PowerPoint, Visio etc)
  • Experience in engaging with business and IT stakeholders to gather requirements and ensure alignment between architecture and business goals.
  • Experience working within Agile, DevOps, and product-aligned teams, contributing to sprint-based and continuous delivery
  • Demonstrable experience working within TOGAF with deep understanding of its application
  • Expertise in solution integration, process orchestration, and data flow design across enterprise systems.
  • Demonstrable experience supporting enterprise change initiatives.
  • Deep understanding of enterprise platform architecture including IaaS, virtualisation, container orchestration, and hybrid cloud patterns.
  • In-depth knowledge of compute infrastructure (e.g., physical servers, hypervisors), enterprise storage (SAN, NAS, object), and cloud-native services.
  • Strong awareness of cybersecurity frameworks (e.g., NIST, ISO 27001), infrastructure security controls, and secure infrastructure design principles.
  • Familiarity with disaster recovery, backup, failover architectures, and business continuity planning.
  • Understanding of network fundamentals (e.g., segmentation, firewalls, DNS, routing) as they relate to platform and cloud designs.
  • Proven ability to define and govern strategic platform architecture roadmaps across multi-vendor environments.
  • Skilled in bridging the gap between business requirements and infrastructure capabilities through clearly articulated architectural direction.
  • Strong leadership, influencing, and mentoring skills across engineering, operations, and architecture communities.
  • Technical acumen to assess emerging trends (e.g. confidential computing, serverless infrastructure, composable storage) and propose innovation paths.
  • Decision-making authority to rationalise complex trade-offs between performance, cost, security, and agility.
  • Professional certifications in cloud and virtualisation technologies (e.g., Azure Solutions Architect Expert, AWS Certified Solutions Architect, VMWare Certified Design Expert).
  • Professional certification in networking and security (e.g. Cisco CCNP, Palo Alto Cloud Security Engineer (PCCSE).

We offer hybrid and flexible working arrangements and believe we operate at our best when collaborating 3 days a week in person (minimum).


Job Segment: Developer, Cloud, Architecture, Solution Architect, Compliance, Technology, Engineering, Legal