Identity Application Architect

Posted Yesterday
Be an Early Applicant
Hiring Remotely in United States
Remote
145K-175K Annually
Senior level
Cloud • Information Technology
The Role
Lead architecture and design of CIAM and IAM solutions across customer, partner, and workforce use cases. Define reference architectures, integration patterns, and identity data models. Guide implementations (Okta, Auth0, Entra ID, cloud, CRM, ITSM), ensure security, scalability, compliance, and mentor teams while producing roadmaps and standards.
Summary Generated by Built In
AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation.
 
At AHEAD, we prioritize creating a culture of belonging, where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD. 
 
We are an equal opportunity employer, and do not discriminate based on an individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, marital status, or any other protected characteristic under applicable law, whether actual or perceived. 
 
We embrace all candidates that will contribute to the diversification and enrichment of ideas and perspectives at AHEAD. 

The Senior Identity Application Architect, CIAM/IAM, is responsible for leading the architecture, design, and evolution of identity solutions that support secure, scalable, and resilient customer and workforce access across the organization. 

This role defines target-state architecture and implementation patterns for customer identity and access management and enterprise identity and access management, including authentication, authorization, federation, lifecycle orchestration, delegated administration, and identity data flows across cloud and enterprise platforms. 

The architect partners with cybersecurity, infrastructure, application owners, product teams, and business stakeholders to translate business, security, privacy, and user experience requirements into practical identity architectures. This role also provides technical leadership for integrations across platforms such as Okta, Auth0, Azure, AWS, Salesforce, ServiceNow, and custom applications, with an emphasis on security, reliability, maintainability, and business enablement. 

Duties/Responsibilities

    • Lead the architecture and design of CIAM and IAM solutions supporting secure customer, partner, and workforce identity use cases across digital and enterprise environments, including authentication, authorization, federation, lifecycle automation, and secure access patterns. 

    • Define reference architectures, technical standards, guardrails, and integration patterns for identity services and applications using protocols and technologies such as OAuth 2.0, OpenID Connect, SAML, SCIM, LDAP, REST APIs, webhooks, and event-driven architectures. 

    • Architect and guide implementation of identity-enabled applications, APIs, portals, and workflows, including customer onboarding, workforce onboarding, joiner-mover-leaver processes, access requests, delegated administration, MFA, identity proofing, registration, account recovery, consent, and progressive profiling. 

    • Drive architecture decisions for identity data models, directory strategy, attribute governance, role, group, and policy design, and integrations across HR, CRM, ITSM, cloud, and other enterprise platforms. 

    • Evaluate and improve identity platforms, integrations, and access patterns to reduce risk, technical debt, and operational friction while ensuring resilience, scalability, observability, auditability, privacy, and compliance by design. 

    • Produce architecture diagrams, standards, roadmaps, decision records, and implementation guidance, and lead design reviews, governance activities, and stakeholder communication to align delivery with security requirements and strategic objectives. 

    • Mentor engineers and administrators, collaborate with vendors and internal teams, and stay current on IAM and CIAM trends, threats, standards, and capabilities to drive continuous improvement and informed architectural recommendations. 

Education and Experience

    Minimum Required 

    • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Software Engineering, or a related field, or equivalent practical experience. 

    • 8+ years of progressive experience in identity and access management, application security, or enterprise architecture, including significant experience designing identity solutions in complex environments. 

    • 5+ years of experience architecting or leading implementations for CIAM and/or IAM platforms, including authentication, federation, authorization, and lifecycle orchestration use cases. 

    • Practical experience designing integrations across identity providers, cloud platforms, customer-facing applications, HR systems, CRM platforms, IT service management systems, and related enterprise applications. 

    • Expertise in platforms and services such as Okta, Auth0, Microsoft Entra ID, AWS, Azure, Salesforce, ServiceNow, or comparable identity and business platforms. 

    • Demonstrated success in leading technical design for secure APIs, identity-aware applications, and event-driven or service-based integrations. 

    • Required certification in at least one relevant identity or cybersecurity discipline, such as CISSP, CCSP, IDPro, Okta Certified Administrator or Developer, Microsoft SC-300, AWS Security Specialty, or comparable credentials. 

Required Knowledge, Skills, Abilities

    • Strong expertise in IAM and CIAM architecture, including authentication, authorization, federation, identity lifecycle management, provisioning and deprovisioning, delegated administration, and access governance concepts. 

    • Deep understanding of identity standards and protocols, including OAuth 2.0, OpenID Connect, SAML, SCIM, and related token, session, and federation concepts. 

    • Experience designing customer identity journeys with attention to registration, login, MFA, passwordless options, account recovery, consent, profile management, and user experience. 

    • Experience designing enterprise IAM patterns for role-based access, attribute-based access, entitlement management, least privilege, and segregation of duties. 

    • Strong understanding of identity-related security principles, including session security, secrets protection, API security, bot and fraud considerations, logging, monitoring, threat modeling, and auditability. 

    • Ability to define architecture roadmaps, target states, transition plans, and decision frameworks for identity modernization initiatives. 

    • Experience working across engineering, infrastructure, security, product, and business teams to align requirements and drive implementation outcomes. 

    • Ability to review solution designs and code or configuration patterns at the right level to ensure architectural alignment without owning every implementation detail. 

    • Familiarity with modern software and platform engineering practices, including CI/CD, infrastructure as code, automated testing, observability, and secure development practices. 

    • Demonstrated willingness and ability to adopt AI-assisted engineering tools for code generation, code review, test creation, and developer productivity, using tools such as Claude, GitHub Copilot, Cursor, or similar technologies in a secure and effective manner. 

    • Strong written and verbal communication skills, including the ability to present architecture decisions, tradeoffs, and recommendations to technical and executive stakeholders. 

    • Strong problem-solving skills and the ability to diagnose complex identity, integration, and access issues across distributed systems. 

    • Demonstrated experience addressing emerging identity control challenges related to agentic AI, non-human identities, machine identities, and modern IAM governance patterns. 

The compensation range indicated in this posting reflects the On-Target Earnings (“OTE”) for this role, which includes a base salary and any applicable target bonus amount. This OTE range may vary based on the candidate’s relevant experience, qualifications, and geographic location.  
 
Why AHEAD:
 
Through our daily work and internal groups like Moving Women AHEAD and RISE AHEAD, we value and benefit from diversity of people, ideas, experience, and everything in between.
 
We fuel growth by stacking our office with top-notch technologies in a multi-million-dollar lab, by encouraging cross department training and development, sponsoring certifications and credentials for continued learning.
 
USA Employment Benefits include: 
- Medical, Dental, and Vision Insurance 
- 401(k) 
- Paid company holidays 
- Paid time off 
- Paid parental and caregiver leave 
- Plus more! See benefits https://www.aheadbenefits.com/ for additional details. 
 
Use of AI:
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, assessing responses, or to capture recordings and create transcriptions or summaries during interviews. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans.
 
If you would like more information about how your data is processed, please refer to the Candidate Privacy Notice or contact us at [email protected]
 
You may opt-out of the review or analysis of your application and resume by AI tools by using the General Application. Please include the role you wish to apply for in the Additional Information field. You may also choose to opt-out of recording and transcription at any time, including after joining an interview.  Candidates will not be penalized for choosing to opt-out.

Skills Required

  • Bachelor's degree in Computer Science, IT, Cybersecurity, Software Engineering, or equivalent experience
  • 8+ years progressive experience in identity and access management, application security, or enterprise architecture
  • 5+ years architecting or leading CIAM and/or IAM platform implementations (authentication, federation, authorization, lifecycle orchestration)
  • Practical experience integrating identity across identity providers, cloud platforms, customer apps, HR systems, CRM, and ITSM
  • Expertise with Okta, Auth0, Microsoft Entra ID (Azure AD), AWS, Azure, Salesforce, ServiceNow or comparable platforms
  • Deep knowledge of protocols and standards: OAuth 2.0, OpenID Connect, SAML, SCIM, LDAP, REST APIs, webhooks, event-driven architectures
  • Required certification in at least one identity or cybersecurity discipline (CISSP, CCSP, IDPro, Okta Certified, Microsoft SC-300, AWS Security Specialty, or comparable)
  • Demonstrated success leading technical design for secure APIs, identity-aware applications, and event/service-based integrations
  • Experience designing customer identity journeys and IAM patterns: MFA, passwordless, account recovery, consent, RBAC, ABAC, entitlement management
  • Familiarity with modern engineering practices: CI/CD, infrastructure as code, automated testing, observability, secure development
  • Strong communication, stakeholder alignment, architecture roadmapping, mentoring engineers and administrators

AHEAD Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about AHEAD and has not been reviewed or approved by AHEAD.

  • Retirement Support 401(k) contributions are matched dollar-for-dollar on the first $5,000 each year, with matching made each pay period and immediate 100% vesting. This structure signals above-standard employer support for retirement savings.
  • Affordable Benefits Medical options include low employee premiums for PPO and HDHP plans, and the HDHP adds employer HSA funding plus a dollar-for-dollar HSA match up to stated amounts. Dental and vision plans list very low per-paycheck costs, helping keep overall healthcare spend manageable.
  • Wellbeing & Lifestyle Benefits No-cost telemedicine (including virtual mental health when enrolled), free Calm access for the employee and dependents, and an EAP with counseling are included. Company-paid life and disability plus voluntary protections (legal/ID, pet insurance) and other extras round out a comprehensive set of supports.

AHEAD Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Chicago, IL
1,154 Employees
Year Founded: 2007

What We Do

AHEAD builds platforms for digital business. By weaving together cloud infrastructure, intelligent operations, and modern applications, we help enterprises deliver on the promise of digital transformation.

Similar Jobs

ServiceNow Logo ServiceNow

Distinguished Engineer - Mulit-Cloud Control Plane - Kubernetes

Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Remote or Hybrid
San Diego, CA, USA
29000 Employees
255K-445K Annually

ServiceNow Logo ServiceNow

Distinguished Engineer - Mulit-Cloud - Control Plane - Kubernetes

Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Remote or Hybrid
Santa Clara, CA, USA
29000 Employees
255K-445K Annually

ServiceNow Logo ServiceNow

Director, Strategic Event Content Operations

Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Remote or Hybrid
Santa Clara, CA, USA
29000 Employees
180K-315K Annually

ServiceNow Logo ServiceNow

Enterprise Account Executive

Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Remote or Hybrid
Milwaukee, WI, USA
29000 Employees

Similar Companies Hiring

Amplify Platform Thumbnail
Fintech • Financial Services • Consulting • Cloud • Business Intelligence • Big Data Analytics
Scottsdale, AZ
62 Employees
Standard Template Labs Thumbnail
Artificial Intelligence • Information Technology • Software
New York, NY
25 Employees
Golden Pet Brands Thumbnail
Digital Media • eCommerce • Information Technology • Marketing Tech • Pet • Retail • Social Media
El Segundo, California
178 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account