Software Architect Consultant (CIAM) - Remote
SpruceID
📍US
Posted 3w ago · via ashby
Job Description
SpruceID builds privacy-preserving, standards-based digital identity and credentialing solutions that give individuals control of their information while enabling governments and enterprises to deliver secure, interoperable services. We partner with public-sector organizations to modernize how identity is issued, verified, and used.
As a Software Architect Consultant (CIAM), you will sit at the intersection of engineering, customer delivery, and digital identity. You will work directly with state governments, federal agencies, and enterprise partners to design, guide, and deploy large-scale identity platforms, often serving as the primary technical authority for identity architecture across engagements.
This role combines hands-on architecture, consulting, systems design, and stakeholder leadership. You will lead the design and delivery of CIAM solutions that support hundreds of thousands to millions of users, ensuring they meet the highest standards for security, interoperability, and user experience.
You will ensure SpruceID’s identity solutions are deployed securely, effectively, and with lasting real-world impact, while helping shape how our identity architecture evolves across projects and partners.
This role is contract-based and fully remote within the U.S., with occasional travel for on-site engagements as needed.
What You’ll Do
Lead the design of end-to-end CIAM architectures, including authentication, federation, identity proofing, consent management, and session management for large-scale deployments (100K–1M+ users)
Translate complex customer, policy, and regulatory requirements into secure, production-ready identity system designs
Work closely with customer delivery leads, engineers, and external partners to drive successful implementation from discovery through production
Act as a trusted technical advisor to public-sector and enterprise stakeholders, guiding identity strategy, standards adoption, and platform decisions
Lead the implementation and integration of identity standards such as OpenID Connect, OAuth 2.0, and SAML across modern and legacy systems
Navigate complex stakeholder environments, including government agencies, CISOs, procurement teams, and vendors, translating between technical and non-technical audiences
Produce and review architecture documentation, including design artifacts, decision records, and implementation guidance
Establish reusable patterns and reference architectures to improve consistency and scalability across engagements
Evaluate identity platforms, credentialing solutions, and verification vendors in alignment with project requirements
Support delivery teams in resolving complex integration challenges and ensuring successful deployment outcomes
What We’re Looking For
10+ years of experience in software architecture, with at least 5 years focused on identity and access management (IAM/CIAM)
Proven track record of designing and delivering large-scale identity systems (100,000+ users) from concept through production
Deep expertise in identity protocols and standards, including OpenID Connect and SAML 2.0, with hands-on implementation experience
Experience working in complex stakeholder environments, particularly with government or highly regulated enterprises
Familiarity with structured SDLC processes, including compliance frameworks such as NIST 800-63, FedRAMP, or similar
Strong communication skills, with the ability to produce clear technical documentation and engage effectively with executive stakeholders
Ability to operate independently in ambiguous environments and drive clarity across technical and organizational boundaries
Experience working directly with customers in a consulting, advisory, or delivery-focused role
Bonus Qualifications
Experience with verifiable credentials, decentralized identity (DIDs), or emerging digital identity standards (e.g., mDL, ISO 18013-5)
Familiarity with identity proofing and verification systems supporting NIST IAL2/IAL3 assurance levels
Experience designing systems at million-user scale with high availability and performance requirements
Hands-on experience with FIDO2/WebAuthn and passwordless authentication (passkeys)
Background working on public-sector digital identity initiatives (state or federal)
Experience with identity platforms such as Okta/Auth0, Ping/ForgeRock, Microsoft Entra ID, Keycloak, or AWS Cognito
Familiarity with standards bodies such as OpenID Foundation, FIDO Alliance, W3C, or NIST
What Success Looks Like
Within the first 30 days, you’ve assessed current identity architectures and identified key risks, gaps, and opportunities
By 90 days, you’ve delivered a clear reference architecture and roadmap aligned with client needs and industry standards
Ongoing, you serve as a trusted technical leader, driving alignment across stakeholders and unblocking teams on complex identity challenges
Details
- Department: Engineering
- Work Type: remote
- Locations: US
- Posted: March 26, 2026
- Source: ashby