Security Architect, CIAM

We are seeking a Security Architect with deep Customer Identity and Access Management (CIAM) expertise to support the delivery of large-scale digital identity transformation initiatives. You will play a critical role in assessing current-state capabilities, defining target-state architecture for MVP and future-state solutions, and driving secure, scalable customer identity strategies across enterprise environments.

This role combines strategic architecture, hands-on delivery leadership, and stakeholder engagement within complex transformation programmes across financial services.

Responsibilities

• Deliver technical capability assessments across CIAM environments and define strategic recommendations for modern identity ecosystems.
• Define target-state architecture and capability roadmaps for MVP and future-state CIAM implementations.
• Design and advise on customer identity and access management solutions including MFA, step-up authentication, ID proofing, and fraud prevention capabilities.
• Collaborate with cross-functional delivery teams, security stakeholders, and client leadership to support successful programme delivery.
• Provide architecture guidance across technologies including identity graph, identity fabric, behavioural analytics, device intelligence, and fraud scoring platforms.

Requirements

• 10+ years of proven experience delivering Security Architecture or CIAM transformation programmes within complex enterprise environments.
• Strong expertise in Customer Identity and Access Management technologies including Ping Identity, Okta, and ForgeRock.
• Experience designing authentication and identity verification capabilities including multifactor authentication, step-up authentication, and ID proofing.
• Strong understanding of identity ecosystems including identity graph, identity fabric, behavioural analytics, device intelligence, and fraud scoring.
• Excellent communication and stakeholder management skills with the ability to translate technical concepts into business outcomes.

Preferred Qualifications

• Experience working within financial services or highly regulated industries.
• Knowledge of zero trust security principles and modern identity standards such as OAuth, OIDC, and SAML.
• Experience supporting cloud-native identity transformation initiatives.
• Exposure to fraud prevention and digital trust platforms.
• Consulting or client-facing delivery experience within large transformation programmes.

Benefits

• Comprehensive Benefits Coverage – 100% company-paid health, life, and disability insurance effective from Day 1 of employment.
• Retirement Savings Program – Registered Retirement Savings Plan (RRSP) with the option of receiving a matching employer contribution.
• Virtual Health Care – Company-paid program available to all employees and their dependents/partners.
• Employee & Family Assistance Program (EFAP) – Company-paid support services for employees and their dependents/partners.
• Parental Leave Top-Up – Enhanced parental leave benefits available from Day 1 of employment.
• Wellness Support – Fitness reimbursement benefit to promote health and well-being.
• Professional Development – Personalized one-on-one business coaching from Day 1 to support career growth and accelerate development.