At StoneX, our information security teams are the guardians of our digital frontiers—defending against cyber threats that aim to infiltrate our systems, compromise customer trust, and cause mayhem. As a Customer Identity & Access Management (CIAM) Architect, you will be a key player on our blue team, working together with business leaders, tech experts, and your peers to design and implement a secure, scalable, and business-friendly customer identity architecture.
Think of yourself as the architect of trust: your work will empower secure connections between StoneX and its customers while protecting their data and privacy. As our CIAM Architect, you’ll be more than just an architect—you’ll be a strategic leader and advocate for customer identity. You will be the visionary behind the customer identity architecture that sets the foundation for how StoneX operates and grows. This role isn’t just about systems and strategies—it’s about people and trust. Customer identity is the gateway to our business, and your work will directly influence how we earn and maintain the trust of every customer we serve.
responsibilities :
Primary duties will include:
Strategic Creation: The CIAM Architect is responsible for developing and owning technical strategies that align with StoneX’s Information Security and Identity visions, grounded in a Zero Trust Architecture methodology. In this role, you will create and implement comprehensive strategies for Customer Identity & Access Management (CIAM) and Customer Identity Governance & Administration (CIGA) to ensure security, scalability, and resilience.
Collaboration with IT and other departments: Collaboration is central to the CIAM Architect’s role, requiring close work with IT, legal, compliance, product leadership, and other departments. You will advocate for solutions that balance strong security with user-friendly experiences, proving that usability and security can coexist. Additionally, you will collaborate with various teams to address specific needs and ensure business activities are conducted securely and effectively.
Stakeholder Communication: As a key liaison, you will serve as a consultative subject matter expert to stakeholders across the organization. By explaining complex technical concepts in a clear and accessible way, you will inspire action, build trust, and ensure alignment on customer identity goals. Effective communication with senior management, employees, clients, and external partners will also be essential in keeping everyone informed about the organizations customer identity posture and progress.
As a Customer Identity & Access Management Architect, a typical week might include the following:
Spending at least three days in the office with possibly some ad hoc travel to our London office focused on collaborating with teams and stakeholders to foster engagement and productivity.
Developing and refining CIAM and CIGA technical strategies, conducting industry research to stay ahead of emerging threats and regulatory changes like FCA and GDPR, and mentoring junior engineers or analysts through projects or challenges.
Working with application, security, and infrastructure teams to evaluate, design, and implement secure, enterprise-class customer identity systems, while contributing to the creation and review of documentation for customer identity standards and frameworks.
Proactively engaging with business stakeholders to enable smarter customer identity and risk management decisions, analyzing ongoing identity requests to identify strategic solutions, and collecting and reporting divisional customer identity metrics.
Leading or participating in cross-team architecture review and design sessions, presenting initiatives to the Architecture Review Team, and actively managing CIAM and CIGA projects and change activities.
Conducting information security assessments related to the customer identity architecture, supporting related risk mitigation and compliance efforts, and assisting with the remediation of security incidents when necessary.
requirements-expected :
Approximately 10 years of overall experience in technology, with demonstrated expertise across multiple technology domains. Relevant areas of experience include networking, compute/storage, cloud technologies, endpoint computing, and cybersecurity.
To be an excellent communicator. You express ideas clearly and concisely, whether in writing, on a call, or presenting them to a group. You enjoy tailoring your message to suit different audiences and thrive in a variety of communication formats.
To love solving problems. Tackling tough challenges and uncovering creative solutions energizes you. If you don’t have the answer, you dive in, research, and figure it out. Problem-solving is second nature to you.
Toenjoy helping others. You find satisfaction in guiding people to their "aha!" moments. You are patient, calm under pressure, and always eager to share knowledge in a way that resonates. Teaching and supporting others bring you joy.
To be detail oriented. To you, excellence means getting it right, every time. You pride yourself on staying organized and ensuring that nothing slips through the cracks.
To adapt quickly. Learning new things excites you, and you’re comfortable adjusting to change. You understand that security isn’t always the answer to every question and that achieving perfection isn’t realistic—but progress is always possible.
To be self-motivated. You take initiative, seek out new challenges, and take ownership of your work. You want to leave a lasting, positive impact and feel proud of the time you spend with us.
Relevant professional certifications such as CISM, CISSP, or comparable qualifications are a strong asset.
Bachelor’s degree in computer science, Information Security, Information Assurance, Information Systems, or a related field is preferred. Equivalent experience, certifications, or non-traditional educational paths will also be considered.
offered :
Working in a hybrid environment: 2 days from home, 3 days from the office
