ciam solutions architect.

Job Title: Customer Identity Solution Architect

Job Description: We are seeking a skilled and experienced Customer Identity Solution Architect to join our Digital Services Stream. In this role, you will be crucial in a Customer Identity and Access Management (CIAM) project, providing technical leadership from the design phase through to implementation and operational transition. The ideal candidate will ensure architectural alignment, data integrity, and integration consistency across all systems. You will work closely with project managers, technical leads, and developers to align the CIAM solution with our digital strategy and enterprise architecture standards. This role will involve leading the solution design for both individual and organisational CIAM.

Key Responsibilities:

• Provide technical leadership for an Azure-native CIAM platform for both individual and organisational identities.
• Own the solution architecture for various components, including Azure AD B2C custom policies, API Management, the back-end-for-front-end (BFF)/micro-API layer, Cosmos DB data models, and role-based access control (RBAC).
• Ensure designs adhere to enterprise architecture standards, Australian privacy law, TDIF controls, and cybersecurity best practices.
• Guide delivery teams on building services for identity linking, legacy-account migration, data-quality validation, and address verification.
• Create and maintain reference architecture, data-flow diagrams, threat models, and transition-to-support documentation.
• Define operational readiness, including monitoring for latency, deployment strategies, and service-level objectives.

Required Skills and Experience:

• Proven leadership as a Solution or Domain Architect on large-scale digital identity or security programs, preferably in a public-sector or regulated environment.
• Extensive expertise with Microsoft Azure services, including Azure AD B2C, API Management, Functions, App Services, Key Vault, Cosmos DB, Front Door, and Azure Relay.
• Hands-on architecture experience with .NET 8 back-ends and React/TypeScript front-ends.
• In-depth knowledge of OAuth 2.0, OpenID Connect (PKCE), RBAC, and step-up authentication flows.
• Demonstrated experience designing solutions for identity linking, account migration, and data-quality-driven user-lifecycle management.
• Familiarity with the Trusted Digital Identity Framework (TDIF) and integration with services like MyID/myGovID, Australian Business Register (ABR), and ASIC web services.
• Strong documentation and stakeholder engagement skills, with the ability to explain complex identity concepts to both technical and non-technical audiences.
• Experience leading multi-disciplinary Agile teams and governing architecture from epics to implementation.

Desirable Skills:

• Experience with advanced Cosmos DB partitioning, consistency-level tuning, and serverless cost optimisation.
• Familiarity with designing monitoring and alerting for queue throughput and processor failure spikes.
• Experience with Power Platform & Dataverse data modelling and plug-in development.
• Background in information-security risk management, including Australian Privacy Principles (APPs).

If you are interested in this position, please click apply or reach out to Will Denford at will.denford@randstaddigital.com.au.

At Randstad, we are passionate about providing equal employment opportunities and embracing diversity to the benefit of all. We actively encourage applications from any background.