Principal Enterprise Architect - Cybersecurity & Customer Identity (Remote - NC, AZ)
Overview
This is a remote role that can only be hired in NC or AZ. We are seeking a Lead Enterprise Architect - Cybersecurity & Customer Identity to lead the architecture of secure, scalable and compliant digital and ecosystem platforms across the bank. This role has a strong focus on Customer Identity and Access Management (CIAM) and Open Banking / API security, enabling secure customer journeys and third-party integrations while meeting the regulatory and risk expectations of a large financial institution. You will partner closely with Digital Banking, Payments, Platform Engineering, Information Security, Risk and Compliance teams to embed security and identity as foundational capabilities for the bank's digital strategy.
Responsibilities
- Define and evolve enterprise-wide cybersecurity and identity architecture for customer-facing and partner-facing platforms.
- Lead the architecture and design of the bank's Customer Identity and Access Management (CIAM) capabilities, including:
- customer onboarding and identity proofing
- authentication and MFA
- consent and preference management
- identity lifecycle and account linking
- Define security and authorization architectures for Open Banking and API ecosystems, including:
- third-party and partner onboarding
- developer and API platforms
- delegated and consent-driven access to customer data
- Establish enterprise standards and reusable architecture patterns for:
- digital channels
- API and integration platforms
- cloud and hybrid environments
- Provide architectural leadership to major digital and platform programs and act as the cybersecurity and CIAM authority within architecture governance forums.
- Partner with Information Security, Technology Risk, Compliance and Audit to ensure architectures are compliant, auditable and aligned to regulatory expectations.
- Drive modernization and consolidation of identity platforms and services to reduce risk, complexity and technical debt.
- Contribute to the evolution of architecture governance toward automated and policy-driven assurance.
#LI-IK1
Qualifications
Bachelor's Degree and 10 years of experience in Application Development, Systems Engineering, or Information Technology management OR High School Diploma or GED and 14 years of experience in Application Development, Systems Engineering, or Information Technology management Preferred skills:
- Extensive hands-on architecture experience in Customer Identity and Access Management (CIAM), including:
- large-scale customer authentication platforms
- MFA and adaptive authentication
- identity proofing and digital onboarding
- consent and customer authorization models
- Proven experience designing high-volume, consumer-grade identity platforms supporting millions of users and high availability requirements.
- Deep experience with Open Banking and API security, including:
- OAuth 2.0 and OpenID Connect
- delegated authorization and consent-driven access
- API gateway and developer platform security
- Strong cybersecurity architecture experience across:
- identity-centric and Zero Trust architectures
- application and API security
- cloud and hybrid security architectures
- Demonstrated experience working with technology risk, compliance and audit teams in regulated environments.
Preferred Experience
- Experience supporting large-scale digital banking or platform modernization programs.
- Experience consolidating or transforming legacy IAM and CIAM platforms.
- Experience introducing automated security and architecture controls (policy-as-code, design-time validation, pipeline controls).
- Multi-cloud or hybrid identity and access architectures.
Skills and Competencies
- Strong enterprise-level architecture skills across application, data, integration and technology domains.
- Ability to translate regulatory and risk requirements into practical, reusable architecture patterns.
- Strong stakeholder engagement skills with security leadership, digital product teams, platform engineering and risk partners.
- Clear written and verbal communication skills for both technical and executive audiences.
Education and Certifications (Preferred)
- Bachelor's degree in Computer Science, Engineering or a related field.
- Relevant certifications such as CISSP, CCSP, SABSA or TOGAF are a plus.
#LI-LM1 Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at https://jobs.firstcitizens.com/benefits. Apply tot his job Apply To this Job