Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Customer Identity & Access Management (CIAM) Security Architecture Lead

$160k - $180k

IDEXX LABORATORIES

IDEXX's Cyber Security and Information Security teams enable a resilient, adaptable, and security-aware enterprise-supporting the technology that delivers trusted products and solutions to customers worldwide.


The Customer Identity & Access Management (CIAM) Security Architecture Lead is a senior, high-impact role within the Information Security organization , serving as the primary architectural authority and technical visionary for customer identity across IDEXX's customer-facing ecosystem.


This role is responsible for assessing, strengthening, and evolving a secure, scalable, and unified CIAM architecture that supports multiple products, customer types, and integration models-while delivering a consistent, friction-aware customer experience. IDEXX has an existing Auth0 implementation in place; however, this role will lead a comprehensive review and re-architecture of the current environment to ensure it is securely implemented, properly configured, and aligned to enterprise-scale requirements and long-term CIAM vision.


While Auth0 is the current CIAM platform, this role maintains a platform-agnostic security architecture perspective, ensuring IDEXX can evolve, extend, or transition CIAM platforms as business, risk, or regulatory needs change. You will bridge executive strategy and hands-on engineering execution-defining not only what is built, but how customer identity integrates into IDEXX's broader cyber security architecture, ensuring identity is a business enabler, not a constraint.


In this role, your key responsibilities will include...


CIAM Security Architecture & Platform Leadership:

  • Serve as the security architecture authority for customer identity and access management across all customer-facing products
  • Assess the existing Auth0 deployment and lead remediation, reconfiguration, and architectural improvements to meet enterprise security and scale requirements
  • Design and evolve an enterprise CIAM architecture that remains portable across other CIAM platforms (e.g., Okta CIAM, Ping Identity, ForgeRock, Microsoft Entra ID)
  • Establish CIAM security standards, reference architectures, control requirements, and guardrails aligned with Zero Trust principles and enterprise security strategy

Strategic Roadmap & Vision
  • Develop and maintain a multi-year CIAM roadmap aligned with enterprise goals and digital transformation initiatives
  • Define future-state capabilities including SSO, MFA, passwordless authentication, adaptive authentication, modern RBAC/ABAC models, and expansion across B2B and B2C use cases
  • Ensure the roadmap addresses remediation of current-state gaps while enabling long-term scalability and consistency
Authentication, Authorization & Federation
  • Architect and govern secure authentication and authorization patterns across diverse customer use cases
  • Design and implement federated identity integrations using OIDC, OAuth 2.0, and SAML
  • Support customer-managed and federated identity scenarios, including trust boundary definition, assurance levels, and delegated administration models
Multi-Tenant, Admin & Delegated Access Models
  • Architect secure multi-tenant CIAM models supporting multiple products, customers, and environments
  • Design layered administrative and delegated access controls for internal operations and customer administrators
  • Ensure administrative access adheres to least privilege, separation of duties, and strong auditability
Integrations, System Accounts & Non-Human Identity
  • Architect CIAM solutions supporting both human customer identities and system, service, and integration accounts
  • Define secure API authentication, token lifecycle management, system to system (internal and external) authentication patterns and non-interactive access patterns

Security Controls, Risk & Governance
  • Define and validate security controls, configurations, and assurance requirements for CIAM implementations
  • Ensure CIAM solutions integrate with the broader security ecosystem including SIEM/SOAR, IAM/IGA, monitoring, and fraud detection platforms
  • Partner with GRC, Security Operations, and Product Security teams to perform threat modeling, support audits, and reduce identity-related risk
Cross-Functional Leadership & Communication
  • Act as the primary CIAM security advisor to Product, Marketing, IT, Engineering, and Platform teams
  • Translate complex identity and security requirements into clear, consumable architectural guidance
  • Communicate CIAM strategy, risk posture, and progress to VP-level and executive leadership
What You Will Need To Succeed...
  • 8+ years of experience in CIAM/IAM with at least 3 years in a lead or security architecture capacity
  • Demonstrated experience assessing, remediating, and scaling existing CIAM implementations in complex environments
  • Deep hands-on experience with Auth0 and at least one additional Tier-1 CIAM platform (e.g., Okta CIAM, Ping Identity, ForgeRock, Microsoft Entra ID)
  • Expertise in OIDC, OAuth 2.0, SAML, FIDO2/WebAuthn, and SCIM
  • Location: 100% remote/virtual is fine for this role. Preferred is being local/driving distance or willing to relocate to the Westbrook, Maine area, but that is not required.
  • Strong understanding of modern application architectures (SPAs, microservices, mobile APIs) and cloud platforms (AWS preferred)
  • Proven ability to translate identity risk and architectural gaps into actionable remediation and roadmap decisions
  • Strong understanding of Zero Trust principles, identity threat models, logging, monitoring, and auditability
  • Ability to communicate complex security concepts to technical and non-technical stakeholders
  • Proven ability to navigate a matrixed organization to accomplish goals
Preferred Qualifications
  • Security certifications such as CISSP-ISSAP, CISM, or senior vendor certifications (e.g., Okta or Auth0 Certified Architect)
  • Experience with Identity-as-Code, CI/CD pipelines, and Terraform
  • Experience integrating CIAM with fraud detection, bot mitigation, or risk-based authentication engines
  • Experience supporting CIAM in regulated or high-trust environments such as healthcare or life sciences
  • Programming or scripting experience (Python, Java, Go, etc.)
  • Experience applying analytics or AI/ML to identity security or anomaly detection

What Success Looks Like
  • A hardened, well-architected Auth0 environment aligned with enterprise security standards and long-term CIAM vision
  • Clear remediation of current-state CIAM security and configuration gaps
  • A scalable, secure CIAM foundation supporting consistent customer experiences across products
  • A platform-agnostic CIAM architecture that can evolve or migrate without increasing risk
  • Product teams enabled with secure, reusable identity patterns that accelerate delivery

What you can expect from us:
• Base annual salary target: $160000 - $180000 (yes, we do have flexibility if needed)
• Opportunity for annual cash bonus and yearly equity award
• Health / Dental / Vision Benefits Day-One
• 5% matching 401k
• Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!

Why IDEXX?

We're proud of the work we do, because our work matters. An innovation leader in every industry we serve, we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy, to ensure safe drinking water for billions, and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10,000 talented people.

So, what does that mean for you? We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery. At IDEXX, you will be supported by competitive compensation, incentives, and benefits while enjoying purposeful work that drives improvement.


Let's pursue what matters together.


IDEXX values a diverse workforce and workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.

IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition, or any protected category prohibited by local, state, or federal laws.

#LI-REMOTE
Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Customer Identity & Access Management (CIAM) Security Architecture Lead in United States vacancy
  • $133.66k - $219.59k

    Altice USA is seeking a Manager of Customer Identity and Access Management to lead the enterprise identity practice located in Bethpage, New York. This role includes defining and executing strategies for customer identity, transitioning to modern authentication methods... 
    Customer

    Altice USA

    Bethpage, NY
    4 days ago
  • Citizens Bank is seeking a Product Management Manager to lead the CIAM Authentication & Identity Platform Product Leadership. You will own the strategy, roadmap...  ...identity platform, driving adoption, security, and customer experience across digital and assisted channels... 
    Customer

    Citizens Bank

    Johnston, RI
    4 days ago
  •  ...is investing in the future of Customer Identity and Access Management (CIAM) to deliver secure, frictionless, and trusted digital...  ...Security Manager, you will lead the technology strategy, engineering...  ...with Product Management, Architecture, Cybersecurity, Fraud, Risk, Infrastructure... 
    Customer

    Citizens

    Plano, TX
    4 days ago
  •  ...Principal Software Engineer for its Customer Identity Access Management (CIAM) team in Denver, CO. This role involves leading the design and implementation of secure systems for user identities,...  ...candidate will have a strong architectural background and significant expertise... 
    Customer

    Fastly

    Denver, CO
    4 days ago
  •  ...technical anchor for the Customer IAM team. This individual will define architecture standards, drive...  ...configuration consistency, and lead initiatives to enhance...  ...experience in Identity & Access Management, proficiency in relevant security protocols, and leadership... 
    Customer

    Altice USA

    Plano, TX
    4 days ago
  •  ...seeking a Senior IAM Engineer to lead the design and governance of the customer identity platform. The role involves making...  ...authentication policies and platform architecture, requiring a strong background in Identity & Access Management. With a focus on modernizing... 
    Customer

    Altice USA

    Bethpage, NY
    4 days ago
  • Dollar General Corporation is seeking a Senior Information Security Manager, Identity & Access Management (IAM) to lead the IAM program across employees, contractors, partners, and customers. You will shape the roadmap, oversee engineering, operations, and governance, and... 
    Customer
    For contractors

    ∙ Elijah House Foundation

    Goodlettsville, TN
    3 days ago
  • $161.3k - $183k

    Role Description This Lead Product Manager, Identity & Access role sits within the Customer & Enterprise Experience organization and...  ...vision for identity, ensuring secure, seamless, and scalable user experiences...  ...and access management (IAM/CIAM) ~Experience working with... 
    Customer
    Full time
    Flexible hours

    WEX

    Remote
    3 days ago
  • Okta is seeking a Senior Manager for its Professional Services team in...  ..., Ohio. In this role, you will lead a team of Technical Architects, ensure customer success, and manage relationships...  .... Your extensive experience in Identity & Access Management and leadership will... 
    Customer

    Okta

    Columbus, OH
    4 days ago
  •  ...IAM leader to architect and mature a security-first identity program. The role blends advisory and...  ...governance, lifecycle, RBAC, and privilege access programs while coordinating with...  ...and operations to meet regulatory and customer requirements. Hybrid work in Charlotte... 
    Customer

    CRC Group

    Charlotte, NC
    4 days ago
  • Okta is seeking a Senior Manager for their Professional Services organization...  ...has a robust background in Identity & Access Management and experience with customer engagement. Responsibilities...  ...driving success in a technical architecture environment, this role may be perfect... 
    Customer

    Okta

    Houston, TX
    4 days ago
  • Okta is seeking a Senior Manager in San Francisco to lead a team responsible for implementing...  ...extensive experience in Identity & Access Management, team leadership, and customer solutions. You will manage...  ...contribute to technical architecture processes. Ideal candidates... 
    Customer

    Okta

    San Francisco, CA
    4 days ago
  • Prudential Financial, Inc. is seeking a Director of Customer Identity & Access Management (CIAM) within IAM & Security Operations. This leader will own the strategy...  ...across Security, Engineering, Fraud, Risk, Architecture, and Operations to implement scalable CIAM patterns... 
    Customer

    SwiftCruit

    Newark, NJ
    1 day ago
  •  ...Senior IAM Engineer to take charge of the Customer Identity platform architecture while ensuring security and scalability. You will lead the design of authentication policies and...  ...candidate has over 6 years of experience with CIAM platforms and strong skills in security... 
    Customer

    Optimum Corp

    Bethpage, NY
    4 days ago
  • Concentra, Inc. is seeking a Specialist II in Security - Identity and Access Management. This role involves maintaining security for the company’s information systems and ensuring top-notch customer service. The candidate should have a Bachelor’s degree and three years... 
    Customer

    Concentra

    Addison, TX
    4 days ago
  • Role Description The IAM Team Lead is responsible for leading daily Identity and Access Management operations for customer environments supported by Arraya. This role ensures IAM...  .... ~Promote a customer-focused and security-first mindset. ~Support effective communication... 
    Customer
    Full time
    Work at office
    Remote work
    Monday to Friday
    Afternoon shift

    Booth and Partners Pte Ltd

    Remote
    2 days ago
  • $132.5k - $338.3k

     ...Accenture is a leading global...  ...accelerate our customers transformation...  ...cloud change management; and cloud-ready...  ...design — with security, data privacy,...  ...hybrid cloud architectures, with demonstrated...  ...orientation, gender identity or expression,...  ...who have access to the compensation... 
    Customer
    Work experience placement
    Live in
    Work at office
    Local area

    Accenture

    New York, NY
    2 days ago
  •  ...Washington DC is seeking an Access Control Specialist to manage visitor and employee access, verify identities, issue and collect badges, and...  ...accurate access records for secure operations. You will greet...  ...incidents, and provide professional customer service while upholding... 
    Customer
    Temporary work

    Armada LTD

    Washington DC
    1 day ago
  • $200k

     ...Identity & Access Governance Lead - Immuta - REMOTE Identity & Access Governance Lead - Immuta - REMOTE...  ...Lead with a strong background in data management and governance frameworks....  ...proposed platform meets compliance, security, and data privacy requirements Collaborate... 
    Contract work
    Remote work

    ContractStaffingRecruiters.com

    Stamford, CT
    1 day ago
  • $171.4k - $257.1k

     ...and commercial customers. When you join...  ...on space architecture, policy and strategy...  ...the national security space (NSS)...  ...EM&C Program Lead will report to...  ...the Enterprise Management and Control program...  ...dynamic access to resources for...  ...gender, gender identity or expression,... 
    Customer
    Full time
    For contractors
    Work at office
    Immediate start
    Remote work
    Relocation package
    Flexible hours

    The Aerospace Corporation

    Los Angeles, CA
    4 days ago
  • $154.56k - $171.74k

     ...functions for credit cards, secured cards, and installment loans....  ...live agent, and external agency management.Position Summary:The Identity and Access Management (IAM) Lead Engineer will work in the...  ...protect the companies’ data, customers, and computer systems from business... 
    Customer
    Remote work

    CardWorks Servicing

    Syosset, NY
    3 days ago
  • $86.8k - $198k

    Phase2 Technology in McLean, Virginia is seeking a Senior Identity and Access Management Specialist to develop IAM solutions aligned with security requirements. This role involves working with IAM tools like CyberArk and Microsoft Forefront Identity Manager to manage the... 

    Phase2 Technology

    Mc Lean, VA
    4 days ago
  • $114.5k - $188.9k

    Prudential Financial is seeking an IAM Implementation Lead to enhance their Identity and Access Management Program. This role involves shaping solution designs and coordinating IAM initiatives across various teams and technologies. Ideal candidates will have a strong background... 

    Prudential Financial

    Newark, NJ
    4 days ago
  • Phase2 Technology is looking for a Senior Identity and Access Management Specialist to develop and deploy solutions that meet security requirements. The role involves securing identity lifecycles through governance, provisioning, and continuous monitoring. With a focus... 

    Phase2 Technology

    Washington DC
    2 days ago
  • Netflix, Inc. is looking for a Physical Identity and Access Manager in Los Angeles to oversee the company's physical identity and access management program. The role involves managing access control systems and ensuring safety for employees and visitors. Candidates should... 

    Netflix, Inc.

    Los Angeles, CA
    1 day ago
  •  ...of a university IT manager, with broad latitude...  ...matter expert on IT security, identity, and access infrastructure; provides IT security architectural guidance; designs security...  ...system continuity. Leads complex integrations...  ...and other custom applications critical... 
    Full time
    Work at office
    Weekend work
    Afternoon shift

    The City University of New York

    New York, NY
    4 days ago
  • Minnesota state agencies seek an IAM Security Specialist to manage Active Directory and Entra ID, design group policies...  ...You will troubleshoot authentication and access-control issues, implement robust backup/recovery for identity management, and upgrade systems to... 

    Minnesota Direct Care and Treatment

    Roseville, CA
    4 days ago
  •  ...Identity and Access Management (IAM) Analyst Identity and Access Management...  ...Motion Recruitment Lead Technical Recruiter...  ...about satisfying customers' financial needs and...  ...complex Information Security Analysis initiatives...  ...application security architecture Seniority level Seniority... 
    Customer
    Long term contract
    Contract work
    Work at office

    Motion Recruitment

    Irving, TX
    1 day ago
  • $216k

    About the Role At Uber, identity is the cornerstone of...  ...-term success. As a Lead Product Manager for Identity...  ...solutions that enhance security while ensuring seamless...  ...to seamlessly create, access, manage, and verify their...  ...data insights, customer research, and product... 
    Customer
    Full time

    Uber

    Sunnyvale, CA
    4 days ago
  • Lead Consultant - Identity & Access Management Career Guidant, an internationally acclaimed, trusted...  ...Information Technology Custom Learning Services for...  ..., problem definition, Architecture/Design /Detailing of Processes...  ...Management, Information Security, Systems Analysis,... 
    Customer
    Permanent employment
    Full time
    H1b

    Career Guidant Inc.

    Cranston, RI
    10 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Customer Identity & Access Management (CIAM) Security Architecture Lead. Be the first to apply!