Story Behind the Need
• Business group: Global Technology Control Testing – IAM (Identity and Access Management) Architecture – part of Information Security and Controls – design solutions for customer IAM platforms
• Project: NDA Project – CIAM platform for authentication, architectural changes needed to support multiple lines of business, will be working with international stakeholders along with digital product teams to provide solutions to business requirements; in execution phase, a lot of the planning has been done and need architect to come in and help structure project, potential to work on other projects as needed
Candidate Value Proposition:
• The successful candidate will have the opportunity to work on a global initiative and have exposure to international stakeholders (not only specific to Canadian market) such as LATAM; help design a platform that supports over 16 million users in a major financial institution so is high visibility.
Typical Day in Role:
• The Identify Access Management (IAM) Architect will work with business channels and product team to understand the challenges facing them, provide solutions to these challenges and recommend architecture and design to bring modern capabilities to various IAM platforms
• Responsible for the architecture and design of new features/capabilities the team is looking to introduce into the IAM platform (ForgeRock / Ping)
• Review the business requirements (the “what”) provided by the IAM Product team and provide the overall architectural design (the “how”) to the IAM Engineering team to build into the IAM service.
• Provide required design artifacts to key stakeholders which clearly outlines the solution, components involved, key decisions, and time and cost estimates
• Closely collaborate with IAM Engineering partners in all aspects of the design and ensure alignment and synergy regarding proposed solution.
• Evaluate new authentication capabilities introduced into the ever-changing IAM landscape and account for what is applicable into proposed designs (short-term and long-term)
• Partner with various cross functional architect teams (IAM, security, business channel, fraud) to solidify design approach which aligns with best practices and strategic direction of the platform
• Collaborate with stakeholders across the Bank – technology, security architecture, security advisory, fraud, compliance and business channel teams – to provide enterprise grade solutions which meet the business and security requirements
• Represent the CIAM Architecture team on various governance boards but providing both expertise and the required artifacts necessary to ensure stakeholder approval
• Design based on strong CIAM expertise that aligns with industry standards (FIDO, OIDC, OAUTH), best practices (MFA, NIST 800-63B) and a forward-looking mentality (Passkeys, VCs, DIDs)
Candidate Requirements/Must Have Skills:
• 10+ years in IAM space with 3+ years in an Architect Role
• 5+ years of experience working within CIAM space (ForgeRock, Okta, Ping Identity etc.)
• 3+ years of hands-on experience with ForgeRock platform (SaaS or On-Prem).
• 3+ years’ experience with designing and implementing authentication and credential management flows based on channel requirements.
• 3+ years’ experience working with different MFA technologies
Nice-To-Have Skills:
• Knowledge of project finance or previous experience working within Banking Sector.
• Experience of preparation of presentation decks and presenting to senior leadership.
• Experience with cloud-based platforms (GCP, Azure, AWS) in relation to deployment of IAM services
• Experience with Java based programming languages (Java, JavaScript, NodeJS)
Soft Skills Required:
• Great communication skills to be able to communicate, design and propose solutions to various architects and receive buy-in
Education:
• Bachelor’s degree
Best VS. Average Candidate:
• Need someone who knows ForgeRock platform well and can configure it and knows how it works is the top priority, know what the capabilities are.
• Strong architectural background with hands on design skills
Candidate Review & Selection
• 3 rounds – MS Tams Video Interviews – 30 mins-1 hour
• 1st with HM – culture fit
• 2nd – panel technical interview – with peers, scenario-based questions on how they will design
• 3rd – panel with product team – probing questions on business requirements, what information will you need to design XYZ