Customer Identity Access Management CIAM Architect - B2B

B2B fulltime hybrid.

Connecting clients to markets and talent to opportunity.

With 4300 employees and over 400000 retail and institutional clients from more than 80 offices spread across five continents were a Fortune100 Nasdaqlisted provider connecting clients to the global markets focusing on innovation human connection and providing worldclass products and services to all types of investors.

At StoneX we offer you the opportunity to be part of an institutionalgrade financial services network that connects companies organizations and investors to the global markets ecosystem. As a team member youll benefit from our unique blend of digital platforms comprehensive clearing and services personalized hightouch support and deep industry expertise. Elevate your career with us and make a significant impact in the world of global finance.

Business Segment Overview: Engage in a deep variety of businesscritical activities that keep our company running efficiently. From strategic marketing and financial management to human resources and operational oversight youll have the opportunity to optimize processes and implement gamechanging policies.

Position Purpose: At StoneX our information security teams are the guardians of our digital frontiersdefending against cyber threats that aim to infiltrate our systems compromise customer trust and cause mayhem. As a Customer Identity & Access Management (CIAM) Architect you will be a key player on our blue team working together with business leaders tech experts and your peers to design and implement a secure scalable and businessfriendly customer identity architecture.

Think of yourself as the architect of trust: your work will empower secure connections between StoneX and its customers while protecting their data and privacy. As our CIAM Architect youll be more than just an architectyoull be a strategic leader and advocate for customer identity. You will be the visionary behind the customer identity architecture that sets the foundation for how StoneX operates and grows. This role isnt just about systems and strategiesits about people and trust. Customer identity is the gateway to our business and your work will directly influence how we earn and maintain the trust of every customer we serve.

Primary duties will include:

• Strategic Creation: The CIAM Architect is responsible for developing and owning technical strategies that align with StoneXs Information Security and Identity visions grounded in a Zero Trust Architecture methodology. In this role you will create and implement comprehensive strategies for Customer Identity & Access Management (CIAM) and Customer Identity Governance & Administration (CIGA) to ensure security scalability and resilience.
• Collaboration with IT and other departments: Collaboration is central to the CIAM Architects role requiring close work with IT legal compliance product leadership and other departments. You will advocate for solutions that balance strong security with userfriendly experiences proving that usability and security can coexist. Additionally you will collaborate with various teams to address specific needs and ensure business activities are conducted securely and effectively.
• Stakeholder Communication: As a key liaison you will serve as a consultative subject matter expert to stakeholders across the organization. By explaining complex technical concepts in a clear and accessible way you will inspire action build trust and ensure alignment on customer identity goals. Effective communication with senior management employees clients and external partners will also be essential in keeping everyone informed about the organizations customer identity posture and progress.

As a Customer Identity & Access Management Architect a typical week might include the following:

• Spending at least three days in the office with possibly some ad hoc travel to our London office focused on collaborating with teams and stakeholders to foster engagement and productivity.
• Developing and refining CIAM and CIGA technical strategies conducting industry research to stay ahead of emerging threats and regulatory changes like FCA and GDPR and mentoring junior engineers or analysts through projects or challenges.
• Working with application security and infrastructure teams to evaluate design and implement secure enterpriseclass customer identity systems while contributing to the creation and review of documentation for customer identity standards and frameworks.
• Proactively engaging with business stakeholders to enable smarter customer identity and risk management decisions analyzing ongoing identity requests to identify strategic solutions and collecting and reporting divisional customer identity metrics.
• Leading or participating in crossteam architecture review and design sessions presenting initiatives to the Architecture Review Team and actively managing CIAM and CIGA projects and change activities.
• Conducting information security assessments related to the customer identity architecture supporting related risk mitigation and compliance efforts and assisting with the remediation of security incidents when necessary.

To land this role you will need:

• Approximately 10 years of overall experience in technology with demonstrated expertise across multiple technology domains. Relevant areas of experience include networking compute/storage cloud technologies endpoint computing and cybersecurity.
• To be an excellent communicator. You express ideas clearly and concisely whether in writing on a call or presenting them to a group. You enjoy tailoring your message to suit different audiences and thrive in a variety of communication formats.
• To love solving problems. Tackling tough challenges and uncovering creative solutions energizes you. If you dont have the answer you dive in research and figure it out. Problemsolving is second nature to you.
• Toenjoy helping others. You find satisfaction in guiding people to their aha! moments. You are patient calm under pressure and always eager to share knowledge in a way that resonates. Teaching and supporting others bring you joy.
• To bedetail oriented. To you excellence means getting it right every time. You pride yourself on staying organized and ensuring that nothing slips through the cracks.
• To adapt quickly. Learning new things excites you and youre comfortable adjusting to change. You understand that security isnt always the answer to every question and that achieving perfection isnt realisticbut progress is always possible.
• To be selfmotivated. You take initiative seek out new challenges and take ownership of your work. You want to leave a lasting positive impact and feel proud of the time you spend with us.
• Relevant professional certifications such as CISM CISSP or comparable qualifications are a strong asset.

What makes you stand out:

• Expertise in Identity & Access Management (IAM) including internal and customer/consumer IAM infrastructure authentication and authorization fundamentals and integration services (e.g. AD LDAP SCIM). Strong understanding of identity lifecycle management (ILM) federation concepts (SAML OAuth OIDC) secure software development practices credential management cryptography and key management.
• Proven experience in identity architecture including designing implementing and continuously improving identity solutions. This includes collaborating with information security teams to ensure alignment with organizational needs and emerging technologies.
• Strong knowledge of security risk management including identifying and prioritizing risks determining when to address them and implementing compensating controls or remediation strategies as needed.
• Skilled in consulting and developing identity best practices and principles ensuring alignment with business goals customer expectations and regulatory requirements.
• Familiarity with identity considerations in cloud computing environments addressing challenges like data breaches broken authentication insider threats account hijacking and denialofservice (DoS) attacks.
• Leadership in providing strategic guidance for enterprise identity initiatives ensuring adherence to identity fundamentals while supporting business vision and roadmaps effectively and efficiently.
• Ability to communicate complex technical concepts to nontechnical stakeholders and executives effectively addressing potential threats mitigating risks and implementing controls.

Education / Certification Requirements:

• Bachelors degree in computer science Information Security Information Assurance Information Systems or a related field is preferred. Equivalent experience certifications or nontraditional educational paths will also be considered.

Working environment:

• Hybrid at ul. Mogilska 35 we have private parking for employees.

#LIHybrid #LIDK1