Senior Security Architect

General Information Locations: Kirkland, Washington, United States of America • Location: Kirkland • Country: United States of America Role ID 204317 Worker Type Regular Employee Studio/Department CTO - Security Flexible Work Arrangement Hybrid Description & Requirements We are a global team of creators, storytellers, technologists, experience originators, innovators and so much more. We believe amazing games and experiences start with teams as diverse as the players and communities we serve. At Electronic Arts, the only limit is your imagination.• **Open to Remote***We are looking for an experienced senior security architect to join our team. You will design the security architecture for our enterprise core products, with a focus on securing users & administrators, enterprise applications, data, and systems. You will also lead the strategy and work with teams on security mission-critical products such as Active Directory, Entra ID, M365, Device Authentication & Posture management, Red forest/Enhanced Security Admin Environment (ESAE) for Admins.You will also lead EA’s technical security standard track based on CIS benchmarks to maintain compliance on enterprise systems, and applications. We are looking for a candidate with understanding of security principles, technologies, and best practices across several domains, including network security, application security, data protection, identity management, and cloud security.You will report to the Director of the Enterprise Security Engineering Core & Admin teamResponsibilities• Lead the enhancement of a secure administrative platform for administrators based on Enhanced Security Admin Environment (ESAE) architecture & privileged access strategy• Secure Active Directory, Okta and Entra ID, ensuring that directory services are protected against unauthorized access and vulnerabilities.• Lead the strategy and architecture for compliance with EA’s security standards based on CIS benchmarks for enterprise systems.• Perform application security reviews and threat modeling on mission-critical systems, & enterprise applications to find and address potential security risks.• Lead the strategy and architecture for device authentication and posture management solution for application access.• Lead the implementation of a zero-trust security model across the organization, ensuring protection of user and admin accounts, systems and data.• Stay up to date with the latest industry security trends, threats, and technologies, and improve the security posture of our enterprise systems, and M365 environments.• Periodically update security policies to incorporate the latest security controls.• Lead the cloud enclave strategy and design to ensure that critical services such as Active Directory can be securely hosted in the cloud enclave.• Ensure that we have a thoroughly tested recovery plan in place to recover from service failures or compromises for services such as Active directory, Okta, Entra ID, and Secure Administrative platforms/Red Forest.• Work with EA’s principal cloud security architect and help engineer and development of security architectures and solutions that ensure the protection of our cloud-based systems and data in M365, AWS & GCP.• Create comprehensive documentation for security architectures, procedures & best practices.Qualifications• 10+ years of experience in information security, with at least 4 years in a senior or architectural role• Technical skills in areas such as network security, cryptography, identity management, threat modeling, application security, and risk management.• Experience with zero trust security models, identity and access management, directory synchronization, and federation services.• Experience integrating enterprise Identity and Access Management (IAM) with CSPs such as Azure, AWS, and GCP.• Experience with device authentication solutions and posture management strategies using Entra ID, Opswat, and Intune.• Expertise in securing directory services such as Active Directory, Okta and Entra ID.• Familiarity with CIS benchmarks and other industry security standards.• Knowledge of authentication standards/protocols (NTLM, Kerberos, LDAP, SAML, FIDO2/WebAuthN, OIDC, OAuth2.0).• Experience developing and testing recovery plans for service failures or compromises for critical services such as Active directory, Entra ID.• Experience with cloud security architectures and solutions (AWS, Azure, Google Cloud) with a emphasis on securing the M365 ecosystem.• Experience with network protocols, encryption techniques, and security frameworks such as NIST and ISO/IEC 27001.• Relevant certifications such as CISSP, CISM, CCSP, or similar• Experience with infrastructure as code (IaC) and automation tools (Terraform, Ansible)COMPENSATION AND BENEFITS The ranges listed below are what EA in good faith expects to pay applicants for this role in these locations at the time of this posting. If you reside in a different location, a recruiter will advise on the applicable range and benefits. Pay offered will be determined based on a number of relevant business and candidate factors (e.g. education, qualifications, certifications, experience, skills, geographic location, or business needs). BASE SALARY RANGES• California (depending on location e.g. Los Angeles vs. Sacramento)• $138,200 - $219,000 USD• Colorado (depending on location e.g. Denver vs. Colorado Springs)• $153,100 - $206,200 USD• Jersey City, NJ• $171,100 - $219,000 USD• New York (depending on location e.g. Manhattan vs. Buffalo)• $136,600 - $219,000 USD• Washington (depending on location e.g. Seattle vs. Spokane)• $136,600 - $202,300 USDIn the US, we offer a package of benefits including paid time off (3 weeks per year to start), 80 hours per year of sick time, 16 paid company holidays per year, 10 weeks paid time off to bond with baby, medical/dental/vision insurance, life insurance, disability insurance, and 401(k) to regular full-time employees. Certain roles may also be eligible for bonus and equity.