We are seeking a Principal Security Architect to lead the evolution of Scopely’s security architecture across a high-scale, cloud-native environment. This role is ideal for a strategic technical leader who thrives on designing security systems that enable innovation without compromising protection.

As a senior cross-functional leader, you will collaborate deeply with teams across Product Security, Cloud Security, Corporate Security, Compliance, Infrastructure, and Game Studios. You’ll bring a deep understanding of modern identity and access management (IAM), cloud-native architecture, and zero-trust principles—and you’ll be expected to unify those pillars across domains into a single cohesive security vision.

What You’ll Do

• Define and own Scopely’s global security architecture vision—ensuring it supports scale, developer agility, and business needs across all security disciplines.
  
  
• Design and implement architecture patterns across identity, cloud workload protection, service-to-service auth, and perimeter-less access using zero trust.
  
  
• Partner with Product Security to embed security early into game and platform development, promoting secure-by-default design patterns and threat modeling.
  
  
• Collaborate with Cloud Security teams to ensure security controls are built into multi-cloud (AWS/GCP) environments via automation and infrastructure-as-code.
  
  
• Work closely with Corporate Security to extend identity and device-based access policies across enterprise endpoints and SaaS platforms.
  
  
• Engage with Compliance and GRC teams to ensure architecture supports continuous audit readiness for frameworks such as SOC2, ISO27001, and GDPR.
  
  
• Lead implementation of federated identity systems (OIDC, SAML, SCIM) and scalable RBAC/ABAC models across internal and external platforms.
  
  
• Champion zero-trust architecture adoption, including device/user risk scoring, continuous authentication, and just-in-time access workflows.
  
  
• Drive end-to-end automation of provisioning, deprovisioning, and least-privilege enforcement across hybrid infrastructure and SaaS tools.
  
  
• Influence security culture through mentorship, architecture reviews, and engaging deeply with engineers to build resilient systems without friction.
  
  
• Stay ahead of emerging threats, recommending controls and technologies to keep Scopely secure as we scale globally.
  
  

What We’re Looking For

Must-Haves:

• 8+ years in security architecture or engineering roles, ideally within high-scale or hyper-growth environments.
  
  
• Deep expertise in IAM, cloud security architecture, and scalable service protection models.
  
  
• Proven experience building or evolving zero trust security frameworks in large, distributed organizations.
  
  
• Track record of aligning architecture with regulatory compliance requirements in regulated or audit-intensive environments.
  
  
• Proficiency in infrastructure automation and scripting (e.g., Terraform, Python, Go, or TypeScript).
  
  
• Hands-on with federated auth protocols (OAuth2, OIDC, SAML), identity platforms (Okta, Auth0, AWS IAM Identity Center).
  
  
• Experience working with multiple security domains and cross-functional teams: Product Security, Cloud Security, Corporate IT, Compliance/GRC.
  
  
• Excellent communication and leadership skills—capable of presenting and influencing at both engineering and executive levels.
  
  

Bonus Points:

• Experience architecting security in gaming environments or real-time services.
  
  
• Previous work on passwordless authentication and session-based identity models.
  
  
• Familiarity with CIEM tools, cloud-native security analytics, or open-source security frameworks.
  
  
• Contributions to open-source projects or security standards (e.g., OPA, SPIFFE, OpenID Foundation).
  
  
• Experience integrating workforce IAM with customer identity flows (B2C/B2B hybrid).