Customer Identity & Access Management (CIAM) Security Architecture Lead
$160k - $180kIDEXX LABORATORIES
IDEXX's Cyber Security and Information Security teams enable a resilient, adaptable, and security-aware enterprise-supporting the technology that delivers trusted products and solutions to customers worldwide.
The Customer Identity & Access Management (CIAM) Security Architecture Lead is a senior, high-impact role within the Information Security organization , serving as the primary architectural authority and technical visionary for customer identity across IDEXX's customer-facing ecosystem.
This role is responsible for assessing, strengthening, and evolving a secure, scalable, and unified CIAM architecture that supports multiple products, customer types, and integration models-while delivering a consistent, friction-aware customer experience. IDEXX has an existing Auth0 implementation in place; however, this role will lead a comprehensive review and re-architecture of the current environment to ensure it is securely implemented, properly configured, and aligned to enterprise-scale requirements and long-term CIAM vision.
While Auth0 is the current CIAM platform, this role maintains a platform-agnostic security architecture perspective, ensuring IDEXX can evolve, extend, or transition CIAM platforms as business, risk, or regulatory needs change. You will bridge executive strategy and hands-on engineering execution-defining not only what is built, but how customer identity integrates into IDEXX's broader cyber security architecture, ensuring identity is a business enabler, not a constraint.
In this role, your key responsibilities will include...
CIAM Security Architecture & Platform Leadership:
- Serve as the security architecture authority for customer identity and access management across all customer-facing products
- Assess the existing Auth0 deployment and lead remediation, reconfiguration, and architectural improvements to meet enterprise security and scale requirements
- Design and evolve an enterprise CIAM architecture that remains portable across other CIAM platforms (e.g., Okta CIAM, Ping Identity, ForgeRock, Microsoft Entra ID)
- Establish CIAM security standards, reference architectures, control requirements, and guardrails aligned with Zero Trust principles and enterprise security strategy
- Develop and maintain a multi-year CIAM roadmap aligned with enterprise goals and digital transformation initiatives
- Define future-state capabilities including SSO, MFA, passwordless authentication, adaptive authentication, modern RBAC/ABAC models, and expansion across B2B and B2C use cases
- Ensure the roadmap addresses remediation of current-state gaps while enabling long-term scalability and consistency
- Architect and govern secure authentication and authorization patterns across diverse customer use cases
- Design and implement federated identity integrations using OIDC, OAuth 2.0, and SAML
- Support customer-managed and federated identity scenarios, including trust boundary definition, assurance levels, and delegated administration models
- Architect secure multi-tenant CIAM models supporting multiple products, customers, and environments
- Design layered administrative and delegated access controls for internal operations and customer administrators
- Ensure administrative access adheres to least privilege, separation of duties, and strong auditability
- Architect CIAM solutions supporting both human customer identities and system, service, and integration accounts
- Define secure API authentication, token lifecycle management, system to system (internal and external) authentication patterns and non-interactive access patterns
- Define and validate security controls, configurations, and assurance requirements for CIAM implementations
- Ensure CIAM solutions integrate with the broader security ecosystem including SIEM/SOAR, IAM/IGA, monitoring, and fraud detection platforms
- Partner with GRC, Security Operations, and Product Security teams to perform threat modeling, support audits, and reduce identity-related risk
- Act as the primary CIAM security advisor to Product, Marketing, IT, Engineering, and Platform teams
- Translate complex identity and security requirements into clear, consumable architectural guidance
- Communicate CIAM strategy, risk posture, and progress to VP-level and executive leadership
- 8+ years of experience in CIAM/IAM with at least 3 years in a lead or security architecture capacity
- Demonstrated experience assessing, remediating, and scaling existing CIAM implementations in complex environments
- Deep hands-on experience with Auth0 and at least one additional Tier-1 CIAM platform (e.g., Okta CIAM, Ping Identity, ForgeRock, Microsoft Entra ID)
- Expertise in OIDC, OAuth 2.0, SAML, FIDO2/WebAuthn, and SCIM
- Location: 100% remote/virtual is fine for this role. Preferred is being local/driving distance or willing to relocate to the Westbrook, Maine area, but that is not required.
- Strong understanding of modern application architectures (SPAs, microservices, mobile APIs) and cloud platforms (AWS preferred)
- Proven ability to translate identity risk and architectural gaps into actionable remediation and roadmap decisions
- Strong understanding of Zero Trust principles, identity threat models, logging, monitoring, and auditability
- Ability to communicate complex security concepts to technical and non-technical stakeholders
- Proven ability to navigate a matrixed organization to accomplish goals
- Security certifications such as CISSP-ISSAP, CISM, or senior vendor certifications (e.g., Okta or Auth0 Certified Architect)
- Experience with Identity-as-Code, CI/CD pipelines, and Terraform
- Experience integrating CIAM with fraud detection, bot mitigation, or risk-based authentication engines
- Experience supporting CIAM in regulated or high-trust environments such as healthcare or life sciences
- Programming or scripting experience (Python, Java, Go, etc.)
- Experience applying analytics or AI/ML to identity security or anomaly detection
- A hardened, well-architected Auth0 environment aligned with enterprise security standards and long-term CIAM vision
- Clear remediation of current-state CIAM security and configuration gaps
- A scalable, secure CIAM foundation supporting consistent customer experiences across products
- A platform-agnostic CIAM architecture that can evolve or migrate without increasing risk
- Product teams enabled with secure, reusable identity patterns that accelerate delivery
• Base annual salary target: $160000 - $180000 (yes, we do have flexibility if needed)
• Opportunity for annual cash bonus and yearly equity award
• Health / Dental / Vision Benefits Day-One
• 5% matching 401k
• Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more! Why IDEXX? We're proud of the work we do, because our work matters. An innovation leader in every industry we serve, we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy, to ensure safe drinking water for billions, and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10,000 talented people. So, what does that mean for you? We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery. At IDEXX, you will be supported by competitive compensation, incentives, and benefits while enjoying purposeful work that drives improvement.
Let's pursue what matters together.
IDEXX values a diverse workforce and workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition, or any protected category prohibited by local, state, or federal laws. #LI-REMOTE
$140k - $160k
...those willing to relocate.IDEXX’s Cyber Security and Information Security teams enable a... ...delivers trusted products and solutions to customers worldwide. **The Customer Identity & Access Management (CIAM) Security Architecture Lead is a senior, high-impact role within the...CustomerLocal areaWorldwideRelocation$133.66k - $219.59k
Altice USA is seeking a Manager of Customer Identity and Access Management to lead the enterprise identity practice located in Bethpage, New York. This role includes defining and executing strategies for customer identity, transitioning to modern authentication methods...Customer- Citizens Bank is seeking a Product Management Manager to lead the CIAM Authentication & Identity Platform Product Leadership. You will own the strategy, roadmap... ...identity platform, driving adoption, security, and customer experience across digital and assisted channels...Customer
- ...is investing in the future of Customer Identity and Access Management (CIAM) to deliver secure, frictionless, and trusted digital... ...Security Manager, you will lead the technology strategy, engineering... ...with Product Management, Architecture, Cybersecurity, Fraud, Risk, Infrastructure...Customer
- ...Principal Software Engineer for its Customer Identity Access Management (CIAM) team in Denver, CO. This role involves leading the design and implementation of secure systems for user identities,... ...candidate will have a strong architectural background and significant expertise...Customer
- ...technical anchor for the Customer IAM team. This individual will define architecture standards, drive... ...configuration consistency, and lead initiatives to enhance... ...experience in Identity & Access Management, proficiency in relevant security protocols, and leadership...Customer
- ...seeking a Senior IAM Engineer to lead the design and governance of the customer identity platform. The role involves making... ...authentication policies and platform architecture, requiring a strong background in Identity & Access Management. With a focus on modernizing...Customer
- Dollar General Corporation is seeking a Senior Information Security Manager, Identity & Access Management (IAM) to lead the IAM program across employees, contractors, partners, and customers. You will shape the roadmap, oversee engineering, operations, and governance, and...CustomerFor contractors
$161.3k - $183k
Role Description This Lead Product Manager, Identity & Access role sits within the Customer & Enterprise Experience organization and... ...vision for identity, ensuring secure, seamless, and scalable user experiences... ...and access management (IAM/CIAM) ~Experience working with...CustomerFull timeFlexible hours- ...IAM leader to architect and mature a security-first identity program. The role blends advisory and... ...governance, lifecycle, RBAC, and privilege access programs while coordinating with... ...and operations to meet regulatory and customer requirements. Hybrid work in Charlotte...Customer
- Okta is seeking a Senior Manager for its Professional Services team in... ..., Ohio. In this role, you will lead a team of Technical Architects, ensure customer success, and manage relationships... .... Your extensive experience in Identity & Access Management and leadership will...Customer
- Okta is seeking a Senior Manager for their Professional Services organization... ...has a robust background in Identity & Access Management and experience with customer engagement. Responsibilities... ...driving success in a technical architecture environment, this role may be perfect...Customer
- Okta is seeking a Senior Manager in San Francisco to lead a team responsible for implementing... ...extensive experience in Identity & Access Management, team leadership, and customer solutions. You will manage... ...contribute to technical architecture processes. Ideal candidates...Customer
- Prudential Financial, Inc. is seeking a Director of Customer Identity & Access Management (CIAM) within IAM & Security Operations. This leader will own the strategy... ...across Security, Engineering, Fraud, Risk, Architecture, and Operations to implement scalable CIAM patterns...Customer
- ...Senior IAM Engineer to take charge of the Customer Identity platform architecture while ensuring security and scalability. You will lead the design of authentication policies and... ...candidate has over 6 years of experience with CIAM platforms and strong skills in security...Customer
- Concentra, Inc. is seeking a Specialist II in Security - Identity and Access Management. This role involves maintaining security for the company’s information systems and ensuring top-notch customer service. The candidate should have a Bachelor’s degree and three years...Customer
- Role Description The IAM Team Lead is responsible for leading daily Identity and Access Management operations for customer environments supported by Arraya. This role ensures IAM... .... ~Promote a customer-focused and security-first mindset. ~Support effective communication...CustomerFull timeWork at officeRemote workMonday to FridayAfternoon shift
$132.5k - $338.3k
...Accenture is a leading global... ...accelerate our customers transformation... ...cloud change management; and cloud-ready... ...design — with security, data privacy,... ...hybrid cloud architectures, with demonstrated... ...orientation, gender identity or expression,... ...who have access to the compensation...CustomerWork experience placementLive inWork at officeLocal area- ...Washington DC is seeking an Access Control Specialist to manage visitor and employee access, verify identities, issue and collect badges, and... ...accurate access records for secure operations. You will greet... ...incidents, and provide professional customer service while upholding...CustomerTemporary work
$200k
...Identity & Access Governance Lead - Immuta - REMOTE Identity & Access Governance Lead - Immuta - REMOTE... ...Lead with a strong background in data management and governance frameworks.... ...proposed platform meets compliance, security, and data privacy requirements Collaborate...Contract workRemote work$154.56k - $171.74k
...functions for credit cards, secured cards, and installment loans.... ...live agent, and external agency management.Position Summary:The Identity and Access Management (IAM) Lead Engineer will work in the... ...protect the companies’ data, customers, and computer systems from business...CustomerRemote work$171.4k - $257.1k
...and commercial customers. When you join... ...on space architecture, policy and strategy... ...the national security space (NSS)... ...EM&C Program Lead will report to... ...the Enterprise Management and Control program... ...dynamic access to resources for... ...gender, gender identity or expression,...CustomerFull timeFor contractorsWork at officeImmediate startRemote workRelocation packageFlexible hours- ...of a university IT manager, with broad latitude... ...matter expert on IT security, identity, and access infrastructure; provides IT security architectural guidance; designs security... ...system continuity. Leads complex integrations... ...and other custom applications critical...Full timeWork at officeWeekend workAfternoon shift
- Netflix, Inc. is looking for a Physical Identity and Access Manager in Los Angeles to oversee the company's physical identity and access management program. The role involves managing access control systems and ensuring safety for employees and visitors. Candidates should...
$86.8k - $198k
Phase2 Technology in McLean, Virginia is seeking a Senior Identity and Access Management Specialist to develop IAM solutions aligned with security requirements. This role involves working with IAM tools like CyberArk and Microsoft Forefront Identity Manager to manage the...- Minnesota state agencies seek an IAM Security Specialist to manage Active Directory and Entra ID, design group policies... ...You will troubleshoot authentication and access-control issues, implement robust backup/recovery for identity management, and upgrade systems to...
$114.5k - $188.9k
Prudential Financial is seeking an IAM Implementation Lead to enhance their Identity and Access Management Program. This role involves shaping solution designs and coordinating IAM initiatives across various teams and technologies. Ideal candidates will have a strong background...- Phase2 Technology is looking for a Senior Identity and Access Management Specialist to develop and deploy solutions that meet security requirements. The role involves securing identity lifecycles through governance, provisioning, and continuous monitoring. With a focus...
$216k
About the Role At Uber, identity is the cornerstone of... ...-term success. As a Lead Product Manager for Identity... ...solutions that enhance security while ensuring seamless... ...to seamlessly create, access, manage, and verify their... ...data insights, customer research, and product...CustomerFull time- Lead Consultant - Identity & Access Management Career Guidant, an internationally acclaimed, trusted... ...Information Technology Custom Learning Services for... ..., problem definition, Architecture/Design /Detailing of Processes... ...Management, Information Security, Systems Analysis,...CustomerPermanent employmentFull timeH1b
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Customer Identity & Access Management (CIAM) Security Architecture Lead. Be the first to apply!
- customer project program manager United States
- work from home customer United States
- customer satisfaction United States
- customer insights analyst United States
- customer engineer United States
- customer United States
- customer marketing United States
- customer liaison United States
- customer retention United States
- pest management United States



