REI Co-op is united around discovering, building and celebrating better ways of working in this world, all so that folks can find and pursue a love of the outdoors. When you work for the co-op, you do your best work with the support to live your best life. And you play a part in shaping the future of the outdoors, for people and our planet.

REI’s Architecture roles lay the architecture foundation for improving business performance from our IT portfolio.

The Cybersecurity Domain Architect job is a senior role with accountability for ensuring high architecture quality across a broad set of software applications as well as ensuring business performance targets are achieved through the contribution of the underlying systems architecture. Domain Architects partner closely with portfolio planning teams to shape solution architectures during the demand management/intake processes and take a leadership role for our Solution Architects and Engineers that are responsible for delivering solutions defined by the Domain Architect. It is a critical architecture role in REI and part of REI’s Architecture community. As a Cybersecurity Architect, you will work with a talented team that focuses on designing and implementing cutting-edge Cybersecurity solutions for both cloud and on-premises environments. You will collaborate with technical and business stakeholders as well as leadership to drive enterprise cybersecurity, enabling secure digital transformation with a modern yet compliant approach to identity and access management.

• Collaborate with cross-functional teams to design and implement secure Cybersecurity and IAM solutions that meet the specific needs of different departments and business units. Maintaining design documentation for approved and implemented architectures.
• In partnership with Cybersecurity leadership, develop and implement a comprehensive Cybersecurity strategy for the company, in line with industry best practices and regulatory requirements, spanning all facets of the enterprise from endpoint, cloud, network, IAM, etc.
• Stay abreast of emerging Cybersecurity and IAM technologies and trends. Provide guidance on how these can be leveraged to enhance the company's security posture.
• Develop and maintain Cybersecurity policies, procedures, and standards to ensure consistency and compliance with regulatory requirements.
• Assess risks and design security patterns for IAM processes such as provisioning, authentication, master data management, segregation of duties, Privileged Access Management (PAM), and federation.
• Assess, review and threat profiles functional and non-functional requirements, project scope details, architectural designs to formulate technical and non-technical security requirements in alignment with Co-Op cybersecurity policies.
• Lead cybersecurity risk assessment process with engineers and project teams.  Provide documentation to the project team outlining risk and required mitigations to gain approval for go-forward.
• Serve as technical resource for project teams to help identity security requirements, review architectures and engineering plans.
• Serve as a technical SME to the GRC function to influence policy and standard creation and enforcement, and assist with developing overall risk strategy and processes to analyze, track, and report on enterprise risk.
• Accountable for ensuring their domain’s architecture quality; performance, security, availability, and flexibility
• Accountable for defining the Solution Architectures for proposed projects during Demand Management/Intake processes
• Accountable for defining architecture policies, principles, and standards for their domain. Maintaining design documentation for approved patterns.
• Accountable for managing the application portfolio (application lifecycles and investment disposition) for applications scoped to their domain.
• Advocates and champions of Enterprise Architecture concerns to project teams managed by their domain’s project portfolio.

Required Skills & Experience

• Bachelor’s degree in Engineering, Computer Science or other related technology degree.
• Minimum of seven (7) years of experience in Cybersecurity solutions design, development, implementation, and maintenance of large-scale systems across multiple platforms  , across multiple Cybersecurity domains (network, endpoint, IAM, cloud, vulnerability management)
• Ability to define business value and shape solutions to achieve business value at the lowest cost and at the fastest duration possible.
• Documented experience and a solid understanding of identity lifecycle management, credential management, role-based access, and identity governance administration with experience in cloud and on-premises environment (ex: Okta, Saviyant, SailPoint, Ping IGA products)
• Excellent consulting, facilitation, demonstration, and communication skills to engage stakeholders and drive adoption of secure IAM solutions.
• Well-versed in security frameworks (e.g., NIST, ISO 27001) and regulatory requirements (e.g., PCI DSS)
• Possess a thorough understanding of enterprise networks, LAN & WAN technologies, and virtualization.
• Expert-level working knowledge and deep understanding of cyber security in at least four or more of the following disciplines: network engineering, Active Directory, public key infrastructure, encryption, DLP, endpoint security, penetration testing, application security, or cloud security
• Extensive experience in managing Microsoft Entra (Azure AD), Active Directory, AWS IAM, and related security protocols (OAuth, SAML, Kerberos, etc.) 
• Familiarity with identity-related standards efforts such as SCIM (System for Cross Domain Identity Management) and FIDO (Fast Identity Online), 2FA (2 Factor Authentication) best practices, as well as social identity and mobility and their adoption trends.
• Extensive knowledge in web services and service-oriented architecture (SOAP/REST) and TCP/IP protocols (HTTP, HTTPS, LDAP, SSL, SSH, DNS)
• Excellent presentation, verbal, written, and listening skills.
• Strong interpersonal and leadership skills including collaboration, facilitation and negotiation.
• Challenges the status quo, champions change and influences others to change.

Preferred Qualifications

• Ability to coach and mentor Cybersecurity engineers.
• Ability to use and communicate system design patterns and anti-patterns to improve system quality.
• Ability to manage solution architecture design to align to business value.
• Knowledge of retail industry technology.

At REI, we believe the outdoors is for all. We are committed to becoming a fully inclusive, anti-racist, multicultural organization. We know that there's strength in our diversity – that each employee brings unique skills, experiences, and perspectives. Every day you are driving change, fostering a culture of respect, and knowing you're backed by benefits that support your whole life. To work towards this commitment and fulfill our brand promise of inspiring and enabling a life outside for everyone, we seek employees who demonstrate different ways of working, create a sense of belonging, and actively listen and learn. 

Pay Transparency

We are committed to practices that promote pay equity and transparency. As required by applicable Pay Transparency laws, REI provides a range of compensation for roles that may be hired in locations under these requirements. Factors that may be used to determine your actual salary may include a wide array of factors, including: your specific skills and experience, geographic location or other relevant factors.

REI offers all regular employees a generous employee discount, access to health benefits, a retirement savings plan and accrued time off. Click here for a detailed overview of benefits plans by employee profile.