Principal Identity & Authentication Architect

We are seeking a Principal Identity & Authentication Architect to lead the design and delivery of a next-generation identity platform.

Our client is modernizing its Identity & Access Management (IAM) ecosystem to enable a seamless, token-based authentication experience across all digital channels, reducing friction, improving security, and supporting both human and machine identities at scale.

This role sits at the intersection of architecture, strategy, and hands-on engineering leadership, responsible for translating identity vision into executable architecture and scalable platform patterns.

Key Objective of the Role

To design and drive the implementation of a modern, cloud-native, token-centric identity and authentication architecture, enabling:

• Seamless single-session authentication across banking channels
• Carrier/token-based authentication models replacing legacy federation (SAML/LDAP)
• Secure management of human and non-human identities
• Scalable identity platform adoption across engineering teams

1. Identity Architecture & Strategy

• Define and own the target-state identity & authentication architecture
• Design token-based authentication flows (OAuth 2.0 / OpenID Connect / FIDO2)
• Replace or modernize legacy federation patterns (SAML, LDAP)
• Establish reusable identity patterns, reference architectures, and standards
• Drive just-in-time authentication (JIT) and zero-standing-privilege models

1. Platform & Engineering Leadership

• Architect identity solutions using Microsoft Entra ID (Azure AD)
• Design scalable machine-to-machine (non-human identity) frameworks
• Develop cloud-native identity integration patterns across APIs and applications
• Define architecture for a central identity SDK / developer onboarding framework
• Guide engineering teams in implementing identity standards at scale

1. Identity Governance & Security

• Support remediation of IAM audit and compliance findings
• Define identity governance controls aligned with Zero Trust principles
• Strengthen identity posture across:
• - Conditional Access
• Privileged Identity Management (PIM)
• Access Reviews & Lifecycle workflows
• Improve identity security alignment with regulatory frameworks (NIST, ISO, CIS, PCI DSS)

1. Enterprise Integration & Delivery Leadership

• Lead integration of IAM platform with enterprise applications and cloud systems
• Provide architectural direction to distributed and offshore teams
• Act as the escalation point for identity architecture decisions
• Bridge gap between strategy, security, and engineering delivery teams

1. Capability & Stakeholder Leadership

• Influence senior stakeholders across security, engineering, and enterprise architecture
• Translate complex identity concepts into actionable delivery roadmaps
• Mentor architects and engineers across IAM domains
• Drive adoption of modern identity standards across the organisation

Required Skills & Experience

• 8 –20+ years in Identity & Access Management (IAM)
• Strong experience with Microsoft Entra ID (Azure AD) as a core identity platform
• Deep expertise in:
• - OAuth 2.0 / OpenID Connect
• SAML 2.0 federation
• Authentication and authorisation architecture
• Experience designing cloud/hybrid identity solutions at enterprise scale
• Strong background in Active Directory / Entra hybrid environments
• Experience implementing:
• - Conditional Access
• MFA / Passwordless authentication
• Privileged Identity Management (PIM)
• Strong understanding of identity governance and compliance frameworks
• Experience working in regulated environments (banking / financial services preferred)

• Experience with SailPoint (IdentityNow or IdentityIQ)
• Experience with CyberArk (PAM solutions)
• Exposure to just-in-time access / zero trust architectures
• Experience in non-human identity / workload identity / API authentication
• Experience designing developer identity platforms or SDKs
• Familiarity with Australian banking regulatory expectations (APRA preferred)

Ideal Candidate Profile

The ideal candidate is a senior identity architect who can operate across strategy and deep technical design, with the ability to:

• Translate identity strategy into scalable architecture and execution roadmaps
• Lead modernisation from legacy federation to token-centric authentication
• Operate confidently in both architecture governance forums and technical design reviews
• Drive transformation in complex, enterprise-scale banking environments
• Influence engineering teams without direct line management authority

Key Focus Areas for This Role

This is not an IAM administration role. The focus is on:

• Identity architecture leadership
• Authentication innovation
• Cloud-native identity transformation
• Token-based identity systems
• Enterprise-scale execution enablement

Why This Role

This is a rare opportunity to shape the future of identity and authentication for one of Australia’s leading financial institutions, building a platform that eliminates friction, strengthens security, and enables next-generation digital banking experiences.