B2B, full-time, hybrid (3 days per week in an office).

Connecting clients to markets – and talent to opportunity.

With 4,300 employees and over 400,000 retail and institutional clients from more than 80 offices spread across five continents, we’re a Fortune-100, Nasdaq-listed provider, connecting clients to the global markets – focusing on innovation, human connection, and providing world-class products and services to all types of investors. 

At StoneX, we offer you the opportunity to be part of an institutional-grade financial services network that connects companies, organizations, and investors to the global markets' ecosystem. As a team member, you'll benefit from our unique blend of digital platforms, comprehensive clearing and execution services, personalized high-touch support, and deep industry expertise. Elevate your career with us and make a significant impact in the world of global finance. 

Business Segment Overview: Engage in a deep variety of business-critical activities that keep our company running efficiently. From strategic marketing and financial management to human resources and operational oversight, you’ll have the opportunity to optimize processes and implement game-changing policies.

Position Purpose:  At StoneX, our information security teams are the guardians of our digital frontiers—defending against cyber threats that aim to infiltrate our systems, compromise customer trust, and cause mayhem. As a Customer Identity & Access Management (CIAM) Architect, you will be a key player on our blue team, working together with business leaders, tech experts, and your peers to design and implement a secure, scalable, and business-friendly customer identity architecture. 

Think of yourself as the architect of trust: your work will empower secure connections between StoneX and its customers while protecting their data and privacy. As our CIAM Architect, you’ll be more than just an architect—you’ll be a strategic leader and advocate for customer identity. You will be the visionary behind the customer identity architecture that sets the foundation for how StoneX operates and grows. This role isn’t just about systems and strategies—it’s about people and trust. Customer identity is the gateway to our business, and your work will directly influence how we earn and maintain the trust of every customer we serve. 

Primary duties will include:

• Strategic Creation: The CIAM Architect is responsible for developing and owning technical strategies that align with StoneX’s Information Security and Identity visions, grounded in a Zero Trust Architecture methodology. In this role, you will create and implement comprehensive strategies for Customer Identity & Access Management (CIAM) and Customer Identity Governance & Administration (CIGA) to ensure security, scalability, and resilience. 
• Collaboration with IT and other departments: Collaboration is central to the CIAM Architect’s role, requiring close work with IT, legal, compliance, product leadership, and other departments. You will advocate for solutions that balance strong security with user-friendly experiences, proving that usability and security can coexist. Additionally, you will collaborate with various teams to address specific needs and ensure business activities are conducted securely and effectively. 
• Stakeholder Communication: As a key liaison, you will serve as a consultative subject matter expert to stakeholders across the organization. By explaining complex technical concepts in a clear and accessible way, you will inspire action, build trust, and ensure alignment on customer identity goals. Effective communication with senior management, employees, clients, and external partners will also be essential in keeping everyone informed about the organization's customer identity posture and progress. 

As a Customer Identity & Access Management Architect, a typical week might include the following:   

• Spending at least three days in the office with possibly some ad hoc travel to our London office focused on collaborating with teams and stakeholders to foster engagement and productivity. 
• Developing and refining CIAM and CIGA technical strategies, conducting industry research to stay ahead of emerging threats and regulatory changes like FCA and GDPR, and mentoring junior engineers or analysts through projects or challenges. 
• Working with application, security, and infrastructure teams to evaluate, design, and implement secure, enterprise-class customer identity systems, while contributing to the creation and review of documentation for customer identity standards and frameworks. 
• Proactively engaging with business stakeholders to enable smarter customer identity and risk management decisions, analyzing ongoing identity requests to identify strategic solutions, and collecting and reporting divisional customer identity metrics. 
• Leading or participating in cross-team architecture review and design sessions, presenting initiatives to the Architecture Review Team, and actively managing CIAM and CIGA projects and change activities. 
• Conducting information security assessments related to the customer identity architecture, supporting related risk mitigation and compliance efforts, and assisting with the remediation of security incidents when necessary. 

To land this role you will need:

• Approximately 10 years of overall experience in technology, with demonstrated expertise across multiple technology domains. Relevant areas of experience include networking, compute/storage, cloud technologies, endpoint computing, and cybersecurity. 
• To be an excellent communicator. You express ideas clearly and concisely, whether in writing, on a call, or presenting them to a group. You enjoy tailoring your message to suit different audiences and thrive in a variety of communication formats. 
• To love solving problems. Tackling tough challenges and uncovering creative solutions energizes you. If you don’t have the answer, you dive in, research, and figure it out. Problem-solving is second nature to you. 
• Toenjoy helping others. You find satisfaction in guiding people to their "aha!" moments. You are patient, calm under pressure, and always eager to share knowledge in a way that resonates. Teaching and supporting others bring you joy. 
• To be detail oriented. To you, excellence means getting it right, every time. You pride yourself on staying organized and ensuring that nothing slips through the cracks. 
• To adapt quickly. Learning new things excites you, and you’re comfortable adjusting to change. You understand that security isn’t always the answer to every question and that achieving perfection isn’t realistic—but progress is always possible. 
• To be self-motivated. You take initiative, seek out new challenges, and take ownership of your work. You want to leave a lasting, positive impact and feel proud of the time you spend with us.
• Relevant professional certifications such as CISM, CISSP, or comparable qualifications are a strong asset. 

What makes you stand out: 

• Expertise in Identity & Access Management (IAM), including internal and customer/consumer IAM infrastructure, authentication and authorization fundamentals, and integration services (e.g., AD, LDAP, SCIM). Strong understanding of identity lifecycle management (ILM), federation concepts (SAML, OAuth, OIDC), secure software development practices, credential management, cryptography, and key management. 
• Proven experience in identity architecture, including designing, implementing, and continuously improving identity solutions. This includes collaborating with information security teams to ensure alignment with organizational needs and emerging technologies. 
• Strong knowledge of security risk management, including identifying and prioritizing risks, determining when to address them, and implementing compensating controls or remediation strategies as needed. 
• Skilled in consulting and developing identity best practices and principles, ensuring alignment with business goals, customer expectations, and regulatory requirements. 
• Familiarity with identity considerations in cloud computing environments, addressing challenges like data breaches, broken authentication, insider threats, account hijacking, and denial-of-service (DoS) attacks. 
• Leadership in providing strategic guidance for enterprise identity initiatives, ensuring adherence to identity fundamentals while supporting business vision and roadmaps effectively and efficiently. 
• Ability to communicate complex technical concepts to non-technical stakeholders and executives, effectively addressing potential threats, mitigating risks, and implementing controls.

Education / Certification Requirements: 

• Bachelor’s degree in computer science, Information Security, Information Assurance, Information Systems, or a related field is preferred. Equivalent experience, certifications, or non-traditional educational paths will also be considered. 

Working environment:

• Hybrid (2 days from home, 3 days from the office) at ul. Mogilska 35, Cracow.

#LI-Hybrid #LI-DK1