Company Description Veza is the pioneer in identity security, purpose-built to answer the fundamental question enterprises face: who can and should take what action on what data. Veza's Access Graph platform maps an organization's entire identity ecosystem across users, groups, roles, policies, permissions, and resources providing deep visibility and control over human, non-human, and agentic identities across SaaS, cloud, on-prem, and custom applications. With over 30 billion access permissions under management, global enterprises including Blackstone, Expedia, and Wynn Resorts trust Veza to manage privileged access monitoring, non-human identity security, access entitlement management, and next-generation identity governance. Founded in 2020 and headquartered in Redwood City, California, Veza is now part of the ServiceNow family, with the acquisition closing in March 2026. The combination brings together Veza's AI-native Access Graph with ServiceNow's AI Control Tower and agentic workflows, enabling organizations to enforce end-to-end identity security rooted in the principle of least privilege across applications, data, cloud environments, and AI agents. For engineers joining Veza today, this means the scale and resources of an enterprise platform company, with the product velocity and mission-driven focus of a security innovator at a pivotal moment in the industry. Job Description What you get to do in this role: A Veza Identity Governance / Lifecycle Management (LCM) Architect designs and deploys access controls, authorization policies, and automated workflows on the Veza platform. Candidates require 5 to 10+ years of IAM experience, proficiency with cloud/SaaS access management, and strong customer-facing consulting or engineering skills. Qualifications To be successful in this role you have: Core Qualifications & Experience - Experience: 5+ years of hand on professional experience in IAM (Identity and Access Management) architecture, security consulting, or customer success. [ - Education: Bachelor's Degree in CS, Cybersecurity, or equivalent practical experience. - Platform Knowledge: Fluency in IGA (Identity Governance & Administration) platforms, authorization graphs, and access discovery. - Cloud & SaaS: Hands-on experience integrating identity platforms across cloud service providers (AWS, Azure, GCP) and enterprise SaaS (Microsoft 365, Salesforce, ServiceNow, GitHub). Technical Competencies - Lifecycle Management: Deep understanding of Joiner/Mover/Leaver (JML) processes and automated provisioning workflows. - Authorization Models: Mastery of RBAC (Role-Based Access Control), ABAC (Attribute-Based Access Control), and the Principle of Least Privilege. - Non-Human Identities: Ability to govern and track machine identities, service accounts, and API keys. - Scripting/APIs: Practical knowledge of building API-driven integrations using Python, REST APIs, or SQL. Soft Skills & Business Capabilities - Executive Communication: Ability to translate complex access policies into actionable technical controls and advise CISOs/Security Leaders. - Project Leadership: Track record of gathering requirements, conducting stakeholder workshops, and leading deployments from kickoff to production. - Core Values: Veza typically looks for customer-centric problem solvers with an ownership mindset and can lead projects independently. FD21 For positions in this location, we offer a base pay of $123,900 - $216,800, plus equity (when applicable), variable/incentive compensation and benefits. Sales positions generally offer a competitive On Target Earnings (OTE) incentive compensation structure. Please note that the base pay shown is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location. We also offer health plans, including flexible spending accounts, a 401(k) Plan with company match, ESPP, matching donations, a flexible time away plan and family leave programs. Compensation is based on the geographic location in which the role is located and is subject to change based on work location. Additional Information Work Personas We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here . To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service. Equal Opportunity Employer ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. Accommodations We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact globaltalentss@servicenow.com for assistance. Export Control Regulations For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.

Title: Senior Identity & Access Architect- Atlanta, GA, Austin, TX or Cleveland, OH Location: Atlanta, GA, Austin, TX or Cleveland, OH, United States Job Description: OEC provides software solutions to those who work in the automotive parts and repair industry. Our solutions make it easier for automotive industry professionals to buy and sell parts, conduct repair research & planning, optimize estimates, improve the parts supply chain, and more. OEC partners with many of the world’s largest manufacturers, dealers and suppliers, shops and repairers, and service providers, giving our customers access to a comprehensive network and a streamlined workflow. Interview integrity requirement *Candidates must personally complete all interviews and technical assessments. The use of proxies or third-party representatives during any stage of the hiring process is prohibited and will result in disqualification. Final candidates will be required to participate in at least one in-person interview. Some travel for this role is expected. Reasonable accommodations will be provided in accordance with applicable laws.* What You’ll Do You’ll design, implement, and evolve enterprise-scale identity platforms that are secure, resilient, and intuitive to use. This role plays a critical part in enabling secure access across on-premises, hybrid, and cloud environments, ensuring the right identities have the right access to the right resources, at the right time. You’ll collaborate closely with security engineering, infrastructure, cloud, application teams, HR, and compliance to deliver identity solutions that balance strong security controls with usability and operational efficiency. How You’ll Make an Impact - Design, implement, and support hybrid identity architectures using Active Directory, Microsoft Entra ID, and Okta. - Architect secure authentication, authorization, and federation patterns for workforce, partner, and service identities. - Apply least-privilege access models using RBAC, ABAC, and role lifecycle management aligned to business functions. - Design and implement MFA, passwordless authentication, conditional access, and adaptive authentication policies that balance security and usability. - Enable and automate joiner/mover/leaver (JML) processes and identity lifecycle workflows. - Integrate IAM platforms with HR systems, directories, and SaaS applications. - Support identity-related incident response, including investigation and remediation of access misuse, authentication failures, and identity compromise. - Monitor identity signals, logs, and alerts to strengthen detection and response capabilities. - Create clear architecture diagrams, standards, runbooks, and implementation documentation. - Provide architectural guidance, design reviews, and best-practice recommendations to application and infrastructure teams. What You Bring - 7+ years of experience in security or identity architecture with deep, hands-on expertise in enterprise IAM platforms. - Advanced experience with: - Active Directory (domains, forests, trusts, GPOs, authentication protocols) - Microsoft Entra ID (Conditional Access, MFA, Identity Protection, PIM) - Okta (Workforce Identity, SSO, MFA, Lifecycle Management, Workflows) - Proven experience designing and operating hybrid AD / Entra ID architectures, including directory synchronization. - Strong background in: - Identity lifecycle automation and role modeling - Okta application integrations, federation, and lifecycle rules - Risk-based access design and Zero Trust identity strategies - Privileged identity and access management (PIM, PAM, break-glass accounts) - Identity governance, access reviews, and certification at enterprise scale - Large-scale directory transformations and cloud migrations - Cloud-first and hybrid identity architecture design Skills That Set You Apart - Deep understanding of identity and access protocols, including Kerberos, LDAP, SAML, OAuth 2.0, and OpenID Connect. - Strong knowledge of Zero Trust principles and identity-centric security models. - Ability to communicate complex technical concepts clearly to both technical and non-technical stakeholders. - Highly organized with strong prioritization and time-management skills. - Flexible, adaptable, and comfortable navigating shifting priorities. - Effective in a remote or hybrid environment with limited in-person interaction. Education & Experience - Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field required. - Equivalent, directly relevant professional experience may be considered in lieu of a degree. What to Expect - Participation in virtual meetings with camera enabled. - Occasional travel to collaborate in person on key initiatives. What We Offer: - Full benefits starting Day 1: Medical, Dental, and Vision - 401(k) with company match - Unlimited Flex Time Off plus 10 company-paid holidays - Professional development programs, tuition assistance, and quarterly book program - Free wellness coaching and pet insurance - Home office equipment stipend - Employee resource groups and exclusive employee discounts What makes working at OEC awesome? It varies from employee to employee. For some, it's the flexibility - whether it's remote work or a hybrid or in-person role, OEC takes our teams across multiple time zones and international communities. For others, it's the strong sense of camaraderie and community that celebrates both individuals and team-driven contributions. Or it could be the empowerment and how the team is encouraged to take risks, learn, and grow within a dynamic and supportive environment. But no matter what gets us out of bed in the morning, our whole global community is inspired to be forward thinking and drive innovative solutions for the automotive parts and repair industry. OEConnection is subject to certain governmental recordkeeping and reporting requirements for the administration of civil rights laws and regulations. In order to comply with these laws, we invite applicants and employees to voluntarily self-identify their gender, race and ethnicity. Submission of this information is strictly voluntary and refusal to provide it will not subject you to any adverse treatment. The information obtained will be kept confidential and may only be used in accordance with the provision of applicable laws, executive orders, and regulations, including those that require the information to be summarized and reported to the federal government for civil rights enforcement. When reported, data will not identify any specific individual. This information will be maintained separately from your application for employment. If you do not wish to self-identify at this time, you may do so in the future by submitting this form. Failure to provide the following information will not subject you to any adverse action or treatment. OEConnection is an Equal Opportunity/ Affirmative Action employer. We provide equal employment opportunities to all qualified employees and applicants for employment without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, veteran status, disability or any other legally protected status. We prohibit discrimination in decisions concerning recruitment, hiring, compensation, benefits, training, termination, promotions, or any other condition of employment or career development. Job Details Job Family Risk and Compliance Pay Type Salary

- **Ontology & Taxonomy Design:** Lead the creation, modeling, and evolution of enterprise-wide ontologies, taxonomies, and controlled vocabularies that accurately represent complex business domains. - **Knowledge Graph Architecture:** Design and implement scalable architecture, ingestion pipelines, and governance for enterprise Knowledge Graphs (Triple Stores or Property Graphs). - **Semantic Layer Strategy:** Build and maintain the enterprise semantic layer to abstract physical data complexities, providing a unified, machine-readable business view of data. - **Data Product Augmentation:** Partner with domain data teams to map, link, and augment decentralized **Data Products** using the central ontology to ensure semantic interoperability across the organization. - **Inference & Reasoning:** Implement semantic reasoning and inference rules to automatically generate new metadata and uncover hidden insights within the graph. - **Governance & Standards:** Establish best practices, version control mechanisms, and data contracts for semantic models, ensuring consistent graph schema updates across business units.

• Develop and maintain a clear, evolving view of enterprise infrastructure, services, and architectural patterns, helping teams understand how systems fit together today and where they are heading. • Crystallize and communicate architectural principles that reflect how the organization builds and operates systems—grounded in real-world practices across teams rather than top-down mandates. • Identify gaps, overlaps, and friction points across the technology landscape, and work with service owners and engineering teams to align opportunities for simplification, consolidation, or new shared capabilities. • Partner with platform, infrastructure, and product engineering teams to build shared understanding of how systems interoperate, helping teams make informed design decisions that support a broader, cohesive architecture. • Translate complex systems into accessible artifacts—diagrams, reference architectures, written guidance, and lightweight standards—that help engineers quickly understand the landscape and make effective choices. • Act as a connector across teams, facilitating conversations that lead to alignment without requiring formal authority; build consensus around direction, tradeoffs, and priorities. • Help identify high-value areas for Builder Enablement investment, creating the foundation for engineers to develop paved paths such as templates, tooling, and reusable components. • Engage with engineering efforts at key moments (e.g., early design, major changes) to provide architectural guidance and ask thoughtful questions, balancing short-term needs with long-term system health. • Evangelize a systems mindset, helping engineers and teams think beyond individual services to how their work contributes to a larger platform. • Mentor engineers and architects across the organization, helping them develop stronger architectural thinking, navigate ambiguity, and make better tradeoffs.