IAM Solutions Architect (Contract) in at Airitos
NewJob Function: Information Technology
Airitos
United States
Posted on
New job! Apply early to increase your chances of getting hired.
Explore Related Opportunities
Job Description
Location: Remote, US-based (must be authorized to work in the United States)
Engagement Type: Independent Contractor
Industry: Enterprise / Financial Services
About the Role
We are looking for an IAM Solutions Architect to join a large, complex enterprise organization on a contract basis. You will serve as a technical lead and strategic advisor on the design of a next-generation, centralized authentication platform intended to replace a complex legacy identity system built over the past decade. This is a high-visibility role that requires both hands-on architectural expertise and the ability to guide engineering teams through a multi-year modernization program. The ideal candidate has designed enterprise-scale login and identity systems at Fortune 150 or global enterprise scale and understands the operational realities of running authentication infrastructure in a high-stakes environment. Experience in financial services or other highly regulated industries is a plus.
Key Responsibilities
• Lead the architecture and design of a centralized next-generation authentication platform, built in parallel with the existing production system
• Define the target-state architecture for credential consolidation across multiple business lines and product platforms
• Provide architectural guidance on the identity Abstraction Layer, a vendor-agnostic SDK library designed to decouple applications from underlying identity vendors
• Evaluate and advise on integration patterns between the Transmit platform, Transmit Mosaic (passkeys), Ping Federation, and other identity components
• Establish standards for authentication journeys, session management, MFA flows, and federation across consumer and commercial products
• Partner with security architects, application teams, and infrastructure engineers to ensure the platform meets compliance and resilience requirements
• Review existing identity journeys and connectors; document technical debt and provide remediation recommendations
• Mentor and provide technical direction to engineering teams responsible for building and maintaining the new platform
• Produce architectural decision records (ADRs), reference architectures, and roadmap documentation
Required Qualifications
• 12+ years of experience in Identity and Access Management architecture
• Demonstrated experience designing and delivering enterprise-scale centralized authentication platforms at Fortune 150 or global enterprise scale; financial services or similarly regulated environments a plus
• Deep knowledge of authentication protocols and standards: OAuth 2.0, OIDC, SAML 2.0, FIDO2/WebAuthn, and LDAP/Active Directory
• Hands-on experience with two or more enterprise identity platforms (Transmit Security, Ping Identity, ForgeRock, Okta, SailPoint, CyberArk, or equivalent)
• Experience architecting systems that consolidate credentials or unify identity across multiple applications or business lines
• Strong understanding of API security, token lifecycle management, and session architecture
• Proven ability to lead architecture decisions in complex, multi-stakeholder environments
• Experience with change management processes and operating within enterprise ITSM frameworks
Preferred Qualifications
• Hands-on experience with the Transmit Security platform
• Experience with passkey or FIDO2 implementations at scale
• Familiarity with SDK abstraction or facade design patterns for identity integrations
• Exposure to multi-product credential federation across large, complex enterprises
• Relevant certifications: CISSP, CIAM, Ping Certified Architect, or equivalent
• Familiarity with SOX, PCI-DSS, or FFIEC compliance frameworks
Contractor Requirements
• Must be based in the United States and authorized to work without sponsorship
• Must be able to pass a background check
Engagement Type: Independent Contractor
Industry: Enterprise / Financial Services
About the Role
We are looking for an IAM Solutions Architect to join a large, complex enterprise organization on a contract basis. You will serve as a technical lead and strategic advisor on the design of a next-generation, centralized authentication platform intended to replace a complex legacy identity system built over the past decade. This is a high-visibility role that requires both hands-on architectural expertise and the ability to guide engineering teams through a multi-year modernization program. The ideal candidate has designed enterprise-scale login and identity systems at Fortune 150 or global enterprise scale and understands the operational realities of running authentication infrastructure in a high-stakes environment. Experience in financial services or other highly regulated industries is a plus.
Key Responsibilities
• Lead the architecture and design of a centralized next-generation authentication platform, built in parallel with the existing production system
• Define the target-state architecture for credential consolidation across multiple business lines and product platforms
• Provide architectural guidance on the identity Abstraction Layer, a vendor-agnostic SDK library designed to decouple applications from underlying identity vendors
• Evaluate and advise on integration patterns between the Transmit platform, Transmit Mosaic (passkeys), Ping Federation, and other identity components
• Establish standards for authentication journeys, session management, MFA flows, and federation across consumer and commercial products
• Partner with security architects, application teams, and infrastructure engineers to ensure the platform meets compliance and resilience requirements
• Review existing identity journeys and connectors; document technical debt and provide remediation recommendations
• Mentor and provide technical direction to engineering teams responsible for building and maintaining the new platform
• Produce architectural decision records (ADRs), reference architectures, and roadmap documentation
Required Qualifications
• 12+ years of experience in Identity and Access Management architecture
• Demonstrated experience designing and delivering enterprise-scale centralized authentication platforms at Fortune 150 or global enterprise scale; financial services or similarly regulated environments a plus
• Deep knowledge of authentication protocols and standards: OAuth 2.0, OIDC, SAML 2.0, FIDO2/WebAuthn, and LDAP/Active Directory
• Hands-on experience with two or more enterprise identity platforms (Transmit Security, Ping Identity, ForgeRock, Okta, SailPoint, CyberArk, or equivalent)
• Experience architecting systems that consolidate credentials or unify identity across multiple applications or business lines
• Strong understanding of API security, token lifecycle management, and session architecture
• Proven ability to lead architecture decisions in complex, multi-stakeholder environments
• Experience with change management processes and operating within enterprise ITSM frameworks
Preferred Qualifications
• Hands-on experience with the Transmit Security platform
• Experience with passkey or FIDO2 implementations at scale
• Familiarity with SDK abstraction or facade design patterns for identity integrations
• Exposure to multi-product credential federation across large, complex enterprises
• Relevant certifications: CISSP, CIAM, Ping Certified Architect, or equivalent
• Familiarity with SOX, PCI-DSS, or FFIEC compliance frameworks
Contractor Requirements
• Must be based in the United States and authorized to work without sponsorship
• Must be able to pass a background check
Scan to Apply
Just scan this QR code to apply from your phone.
Job Location
United States
Frequently asked questions about this position
Apply NowYour application goes straight to the hiring team
By submitting your application, you understand and agree to JobTarget's
Terms of Use and
Privacy Policy.