Be an Early Applicant
Identity and Access Management Consulting
The Role
Lead architecture and design of a next-generation centralized authentication platform, define target-state credential consolidation, guide vendor-agnostic SDK design, evaluate integrations (Transmit, Ping, passkeys), set standards for MFA/session management/federation, ensure compliance and resilience, document technical debt and ADRs, and mentor engineering teams through a multi-year modernization.
Summary Generated by Built In
Location: Remote, US-based (must be authorized to work in the United States)
Engagement Type: Independent Contractor
Industry: Enterprise / Financial Services
About the Role
We are looking for an IAM Solutions Architect to join a large, complex enterprise organization on a contract basis. You will serve as a technical lead and strategic advisor on the design of a next-generation, centralized authentication platform intended to replace a complex legacy identity system built over the past decade. This is a high-visibility role that requires both hands-on architectural expertise and the ability to guide engineering teams through a multi-year modernization program. The ideal candidate has designed enterprise-scale login and identity systems at Fortune 150 or global enterprise scale and understands the operational realities of running authentication infrastructure in a high-stakes environment. Experience in financial services or other highly regulated industries is a plus.
Key Responsibilities
• Lead the architecture and design of a centralized next-generation authentication platform, built in parallel with the existing production system
• Define the target-state architecture for credential consolidation across multiple business lines and product platforms
• Provide architectural guidance on the identity Abstraction Layer, a vendor-agnostic SDK library designed to decouple applications from underlying identity vendors
• Evaluate and advise on integration patterns between the Transmit platform, Transmit Mosaic (passkeys), Ping Federation, and other identity components
• Establish standards for authentication journeys, session management, MFA flows, and federation across consumer and commercial products
• Partner with security architects, application teams, and infrastructure engineers to ensure the platform meets compliance and resilience requirements
• Review existing identity journeys and connectors; document technical debt and provide remediation recommendations
• Mentor and provide technical direction to engineering teams responsible for building and maintaining the new platform
• Produce architectural decision records (ADRs), reference architectures, and roadmap documentation
Required Qualifications
• 12+ years of experience in Identity and Access Management architecture
• Demonstrated experience designing and delivering enterprise-scale centralized authentication platforms at Fortune 150 or global enterprise scale; financial services or similarly regulated environments a plus
• Deep knowledge of authentication protocols and standards: OAuth 2.0, OIDC, SAML 2.0, FIDO2/WebAuthn, and LDAP/Active Directory
• Hands-on experience with two or more enterprise identity platforms (Transmit Security, Ping Identity, ForgeRock, Okta, SailPoint, CyberArk, or equivalent)
• Experience architecting systems that consolidate credentials or unify identity across multiple applications or business lines
• Strong understanding of API security, token lifecycle management, and session architecture
• Proven ability to lead architecture decisions in complex, multi-stakeholder environments
• Experience with change management processes and operating within enterprise ITSM frameworks
Preferred Qualifications
• Hands-on experience with the Transmit Security platform
• Experience with passkey or FIDO2 implementations at scale
• Familiarity with SDK abstraction or facade design patterns for identity integrations
• Exposure to multi-product credential federation across large, complex enterprises
• Relevant certifications: CISSP, CIAM, Ping Certified Architect, or equivalent
• Familiarity with SOX, PCI-DSS, or FFIEC compliance frameworks
Contractor Requirements
• Must be based in the United States and authorized to work without sponsorship
• Must be able to pass a background check
Engagement Type: Independent Contractor
Industry: Enterprise / Financial Services
About the Role
We are looking for an IAM Solutions Architect to join a large, complex enterprise organization on a contract basis. You will serve as a technical lead and strategic advisor on the design of a next-generation, centralized authentication platform intended to replace a complex legacy identity system built over the past decade. This is a high-visibility role that requires both hands-on architectural expertise and the ability to guide engineering teams through a multi-year modernization program. The ideal candidate has designed enterprise-scale login and identity systems at Fortune 150 or global enterprise scale and understands the operational realities of running authentication infrastructure in a high-stakes environment. Experience in financial services or other highly regulated industries is a plus.
Key Responsibilities
• Lead the architecture and design of a centralized next-generation authentication platform, built in parallel with the existing production system
• Define the target-state architecture for credential consolidation across multiple business lines and product platforms
• Provide architectural guidance on the identity Abstraction Layer, a vendor-agnostic SDK library designed to decouple applications from underlying identity vendors
• Evaluate and advise on integration patterns between the Transmit platform, Transmit Mosaic (passkeys), Ping Federation, and other identity components
• Establish standards for authentication journeys, session management, MFA flows, and federation across consumer and commercial products
• Partner with security architects, application teams, and infrastructure engineers to ensure the platform meets compliance and resilience requirements
• Review existing identity journeys and connectors; document technical debt and provide remediation recommendations
• Mentor and provide technical direction to engineering teams responsible for building and maintaining the new platform
• Produce architectural decision records (ADRs), reference architectures, and roadmap documentation
Required Qualifications
• 12+ years of experience in Identity and Access Management architecture
• Demonstrated experience designing and delivering enterprise-scale centralized authentication platforms at Fortune 150 or global enterprise scale; financial services or similarly regulated environments a plus
• Deep knowledge of authentication protocols and standards: OAuth 2.0, OIDC, SAML 2.0, FIDO2/WebAuthn, and LDAP/Active Directory
• Hands-on experience with two or more enterprise identity platforms (Transmit Security, Ping Identity, ForgeRock, Okta, SailPoint, CyberArk, or equivalent)
• Experience architecting systems that consolidate credentials or unify identity across multiple applications or business lines
• Strong understanding of API security, token lifecycle management, and session architecture
• Proven ability to lead architecture decisions in complex, multi-stakeholder environments
• Experience with change management processes and operating within enterprise ITSM frameworks
Preferred Qualifications
• Hands-on experience with the Transmit Security platform
• Experience with passkey or FIDO2 implementations at scale
• Familiarity with SDK abstraction or facade design patterns for identity integrations
• Exposure to multi-product credential federation across large, complex enterprises
• Relevant certifications: CISSP, CIAM, Ping Certified Architect, or equivalent
• Familiarity with SOX, PCI-DSS, or FFIEC compliance frameworks
Contractor Requirements
• Must be based in the United States and authorized to work without sponsorship
• Must be able to pass a background check
Skills Required
- 12+ years of experience in Identity and Access Management architecture
- Experience designing and delivering enterprise-scale centralized authentication platforms at Fortune 150 or global enterprise scale
- Deep knowledge of OAuth 2.0, OIDC, SAML 2.0, FIDO2/WebAuthn, and LDAP/Active Directory
- Hands-on experience with two or more enterprise identity platforms (Transmit Security, Ping Identity, ForgeRock, Okta, SailPoint, CyberArk, or equivalent)
- Experience architecting systems that consolidate credentials or unify identity across multiple applications or business lines
- Strong understanding of API security, token lifecycle management, and session architecture
- Proven ability to lead architecture decisions in complex, multi-stakeholder environments
- Experience with change management processes and operating within enterprise ITSM frameworks
- Must be based in the United States and authorized to work without sponsorship
- Must be able to pass a background check
- Hands-on experience with the Transmit Security platform
- Experience with passkey or FIDO2 implementations at scale
- Familiarity with SDK abstraction or facade design patterns for identity integrations
- Exposure to multi-product credential federation across large, complex enterprises
- Relevant certifications: CISSP, CIAM, Ping Certified Architect, or equivalent
- Familiarity with SOX, PCI-DSS, or FFIEC compliance frameworks
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Atlanta based IAM consulting firm with a global reach. How can we help you?








