Rodeo
ResourcesPartnersSign in

CloudPay

IDM Solution Architect

Andover
Posted 1 day ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

IDM Solution Architect

About This Job Opportunity

Our Vision

To be the world's most trusted global payroll partner, simplifying pay for all employees.

Our Mission

Empowering global workforces with seamless, compliant, and innovative payroll and payment solutions, enabling businesses to thrive in a connected world.

Our People

Our fundamental beliefs at CloudPay are built on core values of professionalism, passion, empowerment, innovation, and teamwork. We value our employees and strive to create a great workplace where everyone is valued, heard, inspired, and encouraged to bring their authentic selves to work. We're committed to providing an excellent employee experience through fulfilling projects, empowerment to make a difference, and an environment that inspires innovation.

What Makes This Role Exciting

The Solutions Architect specializes in Identity & Access Management (IAM) to lead the design and implementation of enterprise-grade identity solutions across workforce, machine-to-machine (M2M), and customer (B2B, B2C) domains.

The role works in a highly cross-functional environment, bridging the gap between security, core platforms, and application teams to deliver a cohesive, future-proof identity strategy.

Main Responsibilities

  • Enterprise IAM Architecture: Lead the architecture and design of enterprise IAM solutions, leveraging the Ping Identity suite.
  • Authorization Modeling: Design and implement a robust RBAC model adaptable across workforce, applications, and platforms, with a clear evolutionary path toward hybrid RBAC/ABAC and Fine-Grained Authorization (FGA).
  • API Security & Gateway Enforcement: Define patterns for API security and token-based access (OAuth2, OIDC, JWT). Partner closely with API Platform teams to establish standardized token validation, scoping, and mediation patterns at the API Gateway tier (e.g., Apigee, Kong).
  • Machine-to-Machine (M2M) Security: Architect secure service-identity and M2M authorization models, including Client Credentials flows, service identity lifecycles, and API-to-API trust frameworks.
  • Zero Trust Governance: Ensure all identity patterns align with Zero Trust principles, producing robust architectural artifacts including role hierarchies, token claims strategies, and centralized access policies.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Experience Needed For This Role

Core IAM & Authorization

  • Hands-on architectural experience with the Ping Identity suite.
  • Deep understanding of modern identity protocols like: OAuth2, OIDC, SAML, and JWT architecture.
  • Proven experience designing enterprise-wide RBAC and entitlement models spanning both users and services.
  • Experience implementing modern authorization patterns (Modern Grant Authorization, scopes, claims-based access).

API Security & M2M Infrastructure

  • Solid experience integrating IAM frameworks with API Management and Gateway platforms (Apigee, Kong, or AWS API Gateway) to enforce edge security.
  • Deep experience with the OAuth2 Client Credentials flow, token design, workload identities, and securing service-to-service communication.

Leadership & Governance

  • Strong enterprise architecture background with a design-first mindset (focusing on systemic patterns rather than just localized implementation).
  • Proven ability to align large, diverse stakeholder groups (Security, Business Domains, App Teams, and Platform/Infra teams) and articulate complex IAM concepts in business-friendly language.
  • Comfortable dealing with ambiguity, legacy constraints, and organizational complexity.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Nice To Have, But Not Essential

  • Experience with Identity Governance & Administration (IGA) tools.
  • Familiarity with compliance frameworks (SOX, GDPR, ISO).
  • Knowledge of DevSecOps, infrastructure-as-code (IaC), and IAM automation pipelines.
  • B2C experience.
  • AWS Cognito experience.

About You And Our Core Values

  • Taking ownership, working with integrity and respect
  • Being a team player is key to our culture
  • Solution and customer focused
  • Great initiative with the goal for excellence in achieving results
  • Dedicated to developing and always looking for continuous improvements
  • Be creative, be committed, be engaged and enjoy what you do

UK Package And Benefits

  • Competitive Salary
  • Competitive vacation allowance
  • Calm app
  • WFH Allowance
  • Life Assurance
  • Private Medical Insurance
  • Cycle to Work Scheme
  • EAP
  • Eye Tests & Glasses Contribution
  • Simplyhealth Enhanced Health Plan
  • Pension Scheme
  • Give-As-You-Earn (GAYE)
  • Employee Referral Program
  • CloudPay NOW
  • Paid Volunteering days
  • Marriage Leave
  • Bereavement Leave
  • Vacation Purchase Plan

CloudPay is committed to being an equal opportunities employer.

The CloudPay culture is built upon on five core values, from which we develop our service, our technology and our business strategies. Our fundamental beliefs are a promise to our employees, customers and partners, built on the core values of professionalism, passion, empowerment, innovation, and teamwork.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Identity & Access Management
IAM Architecture
Ping Identity
RBAC
OAuth2
OIDC
JWT
API Security
M2M Security
Zero Trust Governance
Authorization Modeling
API Management
Service-to-Service Communication
Enterprise Architecture
Stakeholder Alignment
Compliance Frameworks

Location

Andover, England, United Kingdom

Sign up to applySee more jobs like this