
Customer Identity & Access Management; CIAM Security Architecture Lead

Job in Westbrook, Cumberland County, Maine, 04098, USA
Listing for: IDEXX Laboratories, Inc
Full Time position
Listed on 2026-02-09
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Security Manager, Network Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly
Job Description & How to Apply Below
Position: Customer Identity & Access Management (CIAM) Security Architecture Lead

Overview

IDEXX's Cyber Security and Information Security teams enable a resilient, adaptable, and security-aware enterprise—supporting the technology that delivers trusted products and solutions to customers worldwide.

The Customer Identity & Access Management (CIAM) Security Architecture Lead is a senior, high-impact role within the Information Security organization, serving as the primary architectural authority and technical visionary for customer identity across IDEXX's customer-facing ecosystem. This role is responsible for assessing, strengthening, and evolving a secure, scalable, and unified CIAM architecture that supports multiple products, customer types, and integration models—while delivering a consistent, friction-aware customer experience.

IDEXX has an existing Auth0 implementation in place; however, this role will lead a comprehensive review and re-architecture of the current environment to ensure it is securely implemented, properly configured, and aligned to enterprise-scale requirements and long-term CIAM vision.

While Auth0 is the current CIAM platform, this role maintains a platform-agnostic security architecture perspective, ensuring IDEXX can evolve, extend, or transition CIAM platforms as business, risk, or regulatory needs change. You will bridge executive strategy and hands-on engineering execution—defining not only what is built, but how customer identity integrates into IDEXX's broader cyber security architecture, ensuring identity is a business enabler, not a constraint.

Location

We are seeking someone within driving distance of our Westbrook, Maine HQ, where you will be able to work hybrid, with a minimum of 8 days on-site per month. We are also open to those willing to relocate.

Responsibilities

CIAM Security Architecture & Platform Leadership:

  • Serve as the security architecture authority for customer identity and access management across all customer-facing products
  • Assess the existing Auth0 deployment and lead remediation, reconfiguration, and architectural improvements to meet enterprise security and scale requirements
  • Design and evolve an enterprise CIAM architecture that remains portable across other CIAM platforms (e.g., Okta CIAM, Ping Identity, ForgeRock, Microsoft Entra)
  • Establish CIAM security standards, reference architectures, control requirements, and guardrails aligned with Zero Trust principles and enterprise security strategy

Strategic Roadmap & Vision:

  • Develop and maintain a multi-year CIAM roadmap aligned with enterprise goals and digital transformation initiatives
  • Define future-state capabilities including SSO, MFA, passwordless authentication, adaptive authentication, modern RBAC/ABAC models, and expansion across B2B and B2C use cases
  • Ensure the roadmap addresses remediation of current-state gaps while enabling long-term scalability and consistency

Authentication, Authorization & Federation:

  • Architect and govern secure authentication and authorization patterns across diverse customer use cases
  • Design and implement federated identity integrations using OIDC, OAuth 2.0, and SAML
  • Support customer-managed and federated identity scenarios, including trust boundary definition, assurance levels, and delegated administration models

Multi-Tenant, Admin & Delegated Access Models:

  • Architect secure multi-tenant CIAM models supporting multiple products, customers, and environments
  • Design layered administrative and delegated access controls for internal operations and customer administrators
  • Ensure administrative access adheres to least privilege, separation of duties, and strong auditability

Integrations, System Accounts & Non-Human Identity:

  • Architect CIAM solutions supporting both human customer identities and system, service, and integration accounts
  • Define secure API authentication, token lifecycle management, system-to-system (internal and external) authentication patterns and non-interactive access patterns

Security Controls, Risk & Governance:

  • Define and validate security controls, configurations, and assurance requirements for CIAM implementations
  • Ensure CIAM solutions integrate with the broader security ecosystem including SIEM/SOAR, IAM/IGA, monitoring, and fraud detection…