Apply on Kit Job: kitjob.ca/job/2fs9gv

Overview

We are seeking an IAM Architect to join our Identity and Access Management practice to support a banking client undergoing a large‑scale Customer Identity and Access Management (CIAM) transformation, including migration from Okta to Auth0.

The ideal candidate brings strong functional expertise across the IAM domain, particularly in authentication technologies, CIAM architecture, identity federation, and up-to-date identity protocols, along with experience guiding organizations through identity platform migrations and modernization initiatives.

In this role, you will work closely with security teams, product owners, and business stakeholders to design and guide the migration from Okta‑based identity services to Auth0, ensuring secure, scalable, and compliant authentication experiences for customers and applications.

The IAM Architect will help define the migration strategy, target architecture, and implementation roadmap, enabling the banking client to modernize its identity platform while maintaining continuity of authentication services and a strong security posture aligned with Zero Trust security principles.

What You Will Be Responsible For

- Lead the architecture and functional design of IAM solutions supporting the migration from Okta to Auth0 for the banking client.
- Define the target CIAM architecture and migration roadmap for transitioning user identities, authentication flows, and applications to the Auth0 platform.
- Design identity federation and authentication flows leveraging modern standards such as OpenID Connect (OIDC), OAuth 2.0, and SAML.
- Design and implement secure customer authentication journeys, including passwordless authentication, passkeys, adaptive authentication, and step‑up MFA.
- Develop user migration strategies including bulk migration, progressive (trickle) migration, and secure password migration using custom database scripts and identity migration tooling.
- Provide subject matter expertise on Auth0 tenant configuration, including identity providers, enterprise connections, social logins, Auth0 Actions, Rules, and extensibility features.




- Define secure identity integration patterns for applications, APIs, and microservices using token‑based authentication and API authorization frameworks.
- Design authorization models using RBAC, ABAC, and fine‑grained authorization controls where applicable.
- Develop architecture and design artifacts that outline solution components, identity flows, migration steps, and security controls.
- Collaborate closely with engineering teams, security architects, and application teams to ensure the successful implementation of the migration strategy.
- Evaluate emerging IAM capabilities such as identity orchestration, decentralized identity (DIDs), verifiable credentials (VCs), and passkey‑based authentication.
- Support governance and architecture review processes, ensuring solutions align with enterprise security policies and IAM best practices.
- Partner with security, fraud, compliance, and risk teams to ensure identity solutions meet regulatory and security requirements in the financial services sector.

Required Expertise

- 10+ years of experience in Identity and Access Management, with 3+ years in an IAM Architect or Lead role.
- Strong experience with CIAM platforms, particularly Okta and Auth0.
- Experience leading or supporting identity platform migrations or IAM modernization programs.
- Deep understanding of modern authentication and federation protocols including OIDC, OAuth 2.0, and SAML.
- Experience designing customer authentication journeys, identity federation, and secure access patterns.
- Hands‑on familiarity with Auth0 tenant configuration, identity providers, Actions, Rules, and application integrations.
- Experience implementing Multi‑Factor Authentication (MFA),



adaptive authentication, and passwordless authentication mechanisms.
- Experience designing API security and token‑based authentication strategies.
- Experience creating IAM architecture documentation, migration strategies, and solution design artifacts.
- Ability to collaborate with business stakeholders and translate requirements into secure IAM architecture solutions.
- Experience working with financial institutions or highly regulated environments.
- Familiarity with Zero Trust architecture principles and identity‑first security models.
- Experience with identity orchestration platforms or CIAM modernization programs.
- Familiarity with password migration techniques and identity data migration strategies.
- Exposure to security standards and frameworks such as NIST 800‑63B, FIDO2, and modern authentication guidelines.
- Experience preparing architecture presentations and communicating technical solutions to senior leadership.

Why Join Appfabs?

Work on Meaningful Transformation Programs

Be part of initiatives that modernize core insurance platforms and help organizations adopt cloud, data, and AI‑driven solutions that shape the future of the industry.

High Impact, Low Bureaucracy

At Appfabs, your work directly influences project outcomes. Our teams are lean, collaborative, and empowered to make decisions that drive real value for clients.

Ownership and Builder Mindset

We believe in taking ownership and approaching every challenge with a builder mindset—experimenting, learning, and continuously improving the solutions we deliver.

Collaborate with Experienced Practitioners

Work alongside architects, engineers, and consultants who bring deep expertise in Guidewire, data platforms, and enterprise modernization.

Opportunity to Grow with a Scaling Firm

As Appfabs continues to expand its capabilities in data, AI, and platform engineering, team members have the opportunity to grow into leadership roles and shape the next phase of the organization.

#J-18808-Ljbffr

Apply on Kit Job: kitjob.ca/job/2fs9gv

📌 IAM Architect (Toronto)
🏢 Appfabs Incorporation
📍 Toronto