CIAM Solution Architect

Job Title: CIAM Solution ArchitectLocation: Onsite - Raleigh, NC or Phoenix, AZ | Remote (US) Experience Required: 8+ Years (3+ Years in CIAM Architecture) Employment Type:ContractRole Overview We are seeking an experienced CIAM Solution Architect to define, design, and deliver a secure, scalable Customer Identity and Access Management (CIAM) platform for large-scale, customer-facing applications. This role will drive CIAM strategy and roadmap execution, ensuring frictionless customer experiences while meeting stringent security, privacy, and regulatory requirements. The ideal candidate brings strong hands-on architecture experience with modern CIAM platforms-especially Okta-and deep expertise in identity protocols, Zero Trust security, and cloud-native architectures. Key ResponsibilitiesCIAM Strategy & Architecture Define and drive the enterprise CIAM roadmap in collaboration with engineering, security, and business stakeholders. Design and document end-to-end CIAM solution architectures for customer-facing applications, ensuring scalability, security, and compliance. Develop omnichannel CIAM patterns across Mobile, Web, and Customer Care platforms. Platform Integration & Delivery Lead integration of Okta as the CIAM platform across cloud and hybrid environments. Architect CIAM solutions for registration, login, account management, and customer identity lifecycle management. Design frictionless user journeys incorporating MFA, adaptive authentication, consent management, and federation. Security, Compliance & Governance Implement Zero Trust principles and enforce authentication and authorization standards. Ensure compliance with regulatory and security frameworks including GDPR, CCPA, PCI-DSS, HIPAA, SOC2, and ISO 27001. Align IAM architectures with NIST, OWASP, MITRE, and encryption standards. Conduct CIAM-related risk assessments and implement mitigation strategies. Identity & Access Patterns Provide architectural guidance on SSO, federation, delegated administration, privileged access, and API security. Design identity solutions using industry standards and protocols such as SAML, SPML, XACML, SCIM, OpenID Connect, and OAuth 2.0. Support API-driven and microservices-based architectures with secure identity patterns. Documentation & Leadership Maintain architecture diagrams, technical standards, reference architectures, and operational playbooks. Act as a trusted advisor, providing CIAM best practices and technical leadership across teams. Required Skills & Qualifications 8+ years of experience in Identity & Access Management (IAM), with at least 3+ years focused on CIAM architecture. Proven experience designing and deploying CIAM solutions for large-scale, customer-facing platforms. Strong expertise in IAM protocols: SAML, SPML, XACML, SCIM, OpenID Connect, OAuth. Hands-on experience with CIAM platforms such as Okta, Onespan, and Twilio. Strong knowledge of Directories, SSO, Federation, Delegated Administration, API Gateways, and SOA services. Solid understanding of MFA, PAM, and Risk-Based Authentication. Experience integrating CIAM with enterprise and third-party systems such as Salesforce and other SaaS platforms. Working knowledge of AWS, Azure, and GCP, including DevSecOps practices. Excellent communication skills with the ability to collaborate across business and technical teams. Preferred Qualifications Professional certifications such as CISSP, CCSP, AWS/Azure Security, or equivalent. Experience working in financial services or highly regulated industries. Key Competencies Strong architectural and strategic thinking Ability to influence without authority Security-first mindset with customer experience focus Ownership and accountability for enterprise CIAM outcomes Ability to operate in complex, cross-functional environments Technical SkillsCIAM Architecture | Okta | OAuth2 | OpenID Connect | SAML | SCIM | MFA | Zero Trust | API Security | Cloud IAM | GDPR | PCI-DSS | NIST | OWASP

Created: 2026-03-10