About this role
Phone numbers and emails in this ad are masked until you log in.
auto_translated_note
About this job opportunityOur VisionTo be the world's most trusted global payroll partner, simplifying pay for all employees.Our MissionEmpowering global workforces with seamless, compliant, and innovative payroll and payment solutions, enabling businesses to thrive in a connected world.Our PeopleOur fundamental beliefs at CloudPay are built on core values of professionalism, passion, empowerment, innovation, and teamwork. We value our employees and strive to create a great workplace where everyone is valued, heard, inspired, and encouraged to bring their authentic selves to work. We're committed to providing an excellent employee experience through fulfilling projects, empowerment to make a difference, and an environment that inspires innovation.What makes this role excitingThe Solutions Architect specializes in Identity & Access Management (IAM) to lead the design and implementation of enterprise-grade identity solutions across workforce, machine-to-machine (M2M), and customer (B2B, B2C) domains.The role works in a highly cross-functional environment, bridging the gap between security, core platforms, and application teams to deliver a cohesive, future-proof identity strategyMain responsibilitiesEnterprise IAM Architecture: Lead the architecture and design of enterprise IAM solutions, leveraging the Ping Identity suite.Authorization Modeling: Design and implement a robust RBAC model adaptable across workforce, applications, and platforms, with a clear evolutionary path toward hybrid RBAC/ABAC and Fine-Grained Authorization (FGA).API Security & Gateway Enforcement: Define patterns for API security and token-based access (OAuth2, OIDC, JWT).
Partner closely with API Platform teams to establish standardized token validation, scoping, and mediation patterns at the API Gateway tier (e.g., Apigee, Kong).Machine-to-Machine (M2M) Security: Architect secure service-identity and M2M authorization models, including Client Credentials flows, service identity lifecycles, and API-to-API trust frameworks.Zero Trust Governance: Ensure all identity patterns align with Zero Trust principles, producing robust architectural artifacts including role hierarchies, token claims strategies, and centralized access policies.Experience needed for this roleCore IAM & AuthorizationHands-on architectural experience with the Ping Identity suite.Deep understanding of modern identity protocols like: OAuth2, OIDC, SAML, and JWT architecture.Proven experience designing enterprise-wide RBAC and entitlement models spanning both users and services.Experience implementing modern authorization patterns (Modern Grant Authorization, scopes, claims-based access).API Security & M2M InfrastructureSolid experience integrating IAM frameworks with API Management and Gateway platforms (Apigee, Kong, or AWS API Gateway) to enforce edge security.Deep experience with the OAuth2 Client Credentials flow, token design, workload identities, and securing service-to-service communication.Leadership & GovernanceStrong enterprise architecture background with a design-first mindset (focusing on systemic patterns rather than just localized implementation).Proven ability to align large, diverse stakeholder groups (Security, Business Domains, App Teams, and Platform/Infra teams) and articulate complex IAM concepts in business-friendly language.Comfortable dealing with ambiguity, legacy constraints, and organizational complexity.Nice to have, but not essentialExperience with Identity Governance & Administration (IGA) tools.Familiarity with compliance frameworks (SOX, GDPR, ISO).Knowledge of DevSecOps, infrastructure-as-code (IaC), and IAM automation pipelines.B2C experience.AWS Cognito experience.About you and Our core valuesTaking ownership, working with integrity and respectBeing a team player is key to our cultureSolution and customer focusedGreat initiative with the goal for excellence in achieving resultsDedicated to developing and always looking for continuous improvementsBe creative, be committed, be engaged and enjoy what you doUK Package and
Benefits
Competitive SalaryCompetitive vacation allowanceCalm appWFH AllowanceLife AssurancePrivate Medical InsuranceCycle to Work SchemeEAPEye Tests & Glasses ContributionSimplyhealth Enhanced Health PlanPension SchemeGive-As-You-Earn (GAYE)Employee Referral ProgramCloudPay NOWPaid Volunteering daysMarriage LeaveBereavement LeaveVacation Purchase PlanCloudPay is committed to being an equal opportunities employer.The CloudPay culture is built upon on five core values, from which we develop our service, our technology and our business strategies. Our fundamental beliefs are a promise to our employees, customers and partners, built on the core values of professionalism, passion, empowerment, innovation, and teamwork.GlassdoorOriginally posted on Himalayas
Community Q&A
Anyone worked here? Ask before you apply.
No threads yet for this job or company.