Security Architect Identity and Access Management

An outstanding opportunity to join us in this role where you will play an exciting Senior Security Architect role that works on enterprise and solution architecture and across Enterprise and Client Identity and Access Management (EIAM and CIAM) domains.

• We offer you the opportunity to modernize and spearhead the strategy and architecture for both EIAM and CIAM. You will work with the IAM engineering community to build the next generation IAM services that work cohesively together for the bank.
• You will report directly into Head of IAM Architecture. This is an exciting technical leadership role where the successful candidate will have both the ability to roll-up their sleeves to manage a wide range of strategic and technology challenges and build a dynamic team. This is a technical role working with engineers to deliver solutions that work for the bank.
• You will be responsible for developing the IAM Architecture and producing consistent and high-quality service roadmaps, ensuring strategy alignment and oversight of standards and guidelines.
• You will work closely with the technical domain architects and engineers to develop and agree the target state and transitional states of EIAM and CIAM. You will be accountable for the architectural oversight of the identity domains.
• You will drive modern authentication (MFA/passwordless), IDP and identity federation, authorization, credential management, user and role management, identity management (IDM), privileged access management (PAM), access governance, biometrics, secrets management across on-prem and cloud.
• You will drive Cloud initiatives in line with our Digitalization strategy and work on modern IAM for the Cloud. You will drive strategic projects including Identity Provider for Cloud and SaaS applications.
• You will participate in use cases and requirements analysis, architecture state definition (target/interim), technology evaluation and strategy decision, architecture reviews, as well as identification of improvement opportunities and architecture support for department program/projects.
• You will collaborate with your colleagues and fellow architects across Credit Suisse, as well as Business Divisions on dependencies across technical domains and service areas.
• You will have a chance to increase an engagement of the architecture team, architecture community both within CTOO and within CSO divisions and you will be actively engaged in strategic projects, and this will be ultimately reflected in increased customer engagement and drive higher value from the use of CSO services.
• You will be a member of the CSO and other global Design Authorities – representing CSO at those boards to ensure that the right decisions are taken in full context, dependencies are professionally managed and appropriate socialization of key decisions takes place.

Your future colleagues

The members of the Team you will be joining is diverse both in background and experience as well as geographically. Members of the Team communicate well each to other, share their thoughts and ideas. Everyone contributes their fair share and keep track of progress and work together efficiently on variety of tasks and solutions to fulfill the agreed plan and are within the Bank Strategy. Team is keen and happy to support each other. Everyone is unique and offers own experience and knowledge.

We are a department which values Diversity and Inclusion (D&I) and is committed to realizing the firm’s D&I ambition which is an integral part of our global cultural values.

We are looking for a person who can offer:

• Bachelor’s or Master’s degree in Software Engineering, Information Technology or related sciences field (alternatively provable equivalent education and practical experience in this domain)
• Experience is modern identity standards for authentication (passwordless and MFA) such as FIDO2; experience and understanding of modern federation technologies (SAML, OAuth2, OpenID Connect)
• Knowledge of modern Digital Identity standards such as Verifiable Credentials is a plus
• Proven experience of working in EIAM and CIAM domains – including Identity Management, Privileged Access Management (PAM), Modern Authentication (MFA/Passwordless), Secrets Management, Access Governance, Identity Provider/Identity Federation.
• Experience in securing APIs with standards such as OAuth2, JWT, JWS, JWE; understanding of Open Banking (OB) and various OB flows.
• Experience with various Identity & Access Management tooling, e.g., Azure AD, Ping Fed, Centrify, CA PAM, Hypr, RSA, biometrics, Hashicorp Vault, Azure IAM foundations and others.
• Proven understanding in Security Architecture and at least 8 years of hands-on experience in an architecture role (enterprise or domain architecture) and, as a plus, around 5 years of software engineering experience with a good understanding of modern practices and trends in Enterprise, Enabling, Cyber and IT security, technologies, and frameworks.
• Profound knowledge of enterprise architecture practices, strategies, processes, and methodologies, bringing a passion for architecture and software engineering excellence, inc. experience in architecture modelling.
• Knowledge of Agile, Cloud, DevOps, Open Source, and a programming language is of substantial advantage as well as practical experience of driving architecture good practice and encouraging creative or forward-thinking in a traditional and modern IT environment.
• Proven ability to quickly learn new skills, with excellent analytical ability helping you to act as a dedicated problem solver of complex issues.
• Positive personality and can-do attitude as well as sound communication skills with an excellent command of the English language.
• Leadership skills, team-mate spirit, partnering mind-set and an enthusiastic, motivated personality.
• Intellectually curiosity and keenness to be up to date with technical trends and developments relating to technical products that might be used enterprise wide and software delivery methodologies.
• Good interpersonal and multi-tasking skills that enable to quickly gain trust and build up efficient relationships to collaborate with internal partners to drive design of global and regional initiatives/ programs forward.
• Ability to evidence implementation of a team culture, resulting of continuous improvement methodology across people, process, and technology.
• Proficiency in balancing business partner views and interests. Ability to engage senior leaders with different professional and cultural backgrounds in functional merits of Enterprise IT, including articulating business benefits in very tangible ways.
• Dedication to fostering an inclusive culture and value diverse perspectives