CIAM Threat Engineer

Role Summary

The CIAM Threat Engineer is responsible for designing, engineering, and delivering customer identity, fraud prevention, and threat detection capabilities that protect both consumer and commercial customers across digital, mobile, and enterprise channels.

This role will establish and drive standardized design and deployment patterns for identity security and fraud controls, partnering closely with Fraud, Risk, Cybersecurity, and Platform Engineering teams. The role also includes senior‑level operational support, policy governance, and participation in complex escalations related to identity and authentication services.

As the CIAM footprint continues to expand across ThreatMetrix, Arkose Labs, Prove Identity, and Transmit Security, this role will be instrumental in scaling controls, reducing fraud risk, improving customer experience, and supporting regulatory expectations.

Skills & Experience

• 3 years of hands‑on experience in Cybersecurity, Fraud Prevention, or Threat Investigations
• 2 years supporting complex environments and working with senior leaders
• Strong experience supporting Customer IAM (CIAM) security with understanding of industry best practices
• Hands‑on experience with:
• ThreatMetrix, BioCatch, Kount, Iovation or RSA Security
• Arkose Labs, Akamai, Imperva, F5, Radware or Human Security
• Prove Identity, Ping Identity, RSA Security or similar platforms
• Transmit Security or similar orchestration platforms
• Experience operating modern threat and risk engines (e.g., ThreatMetrix, BioCatch)
• Strong service and delivery mindset with focus on customer experience
• Experience managing complex risk issues in large technology environments
• Understanding of regulatory requirements impacting financial services (GLBA, SOX, PCI)
• Familiarity with ITIL / IT Service Management frameworks
• Strong verbal and written communication skills
• Ability to manage multiple complex initiatives requiring rapid delivery
• Experience working in an Agile delivery environment preferred
• Knowledge of ISO, NIST, and FFIEC guidance preferred

Education & Certifications

• BA/BS in Information Systems, Computer Science, or a related field
• or equivalent practical experience

Key Responsibilities

Threat Engineering & Fraud Prevention

• Assess existing customer application‑based threat and fraud controls, identify gaps, and deliver solutions to mitigate risk across:
• Login and enrollment
• Credit card activation
• Profile changes
• Payments and high‑risk transactions
• Design and tune ThreatMetrix (TMX) policies supporting adaptive, risk‑based decisioning.
• Drive fraud policy configuration that enables orchestration, device trust, and multi‑factor authentication.

Bot Defense & Abuse Mitigation

• Engineer and operate Arkose Labs bot‑defense and challenge strategies across web and mobile platforms.
• Partner with Fraud and Cybersecurity teams to evaluate automated attack patterns and reduce scripted abuse while minimizing customer friction.
• Use data and metrics to continuously improve challenge strategies and outcomes.

Identity Proofing & Authentication

• Support and enhance identity verification and step‑up authentication using Prove Identity and Transmit Security.
• Contribute to Always‑On MFA, OTP, biometric, and orchestration‑based authentication strategies.
• Ensure consistent identity and authentication behavior across digital, mobile, and contact center experiences.

Data Analytics & Threat Intelligence

• Collect, analyze, and interpret data from multiple sources (e.g., Splunk, event telemetry, vendor dashboards) to:
• Identify fraud trends
• Validate profiling accuracy
• Improve threat detection and response
• Work with partners to define threat monitoring and reporting requirements and identify enhancement opportunities