Federal Reserve Bank of San Francisco · 2 months ago
IAM Architect, Advanced
The Federal Reserve Bank of Richmond is part of the nation's central bank, focusing on enhancing economic and financial systems. The IAM Architect role involves leading the Identity and Access Management ecosystem, developing architecture strategies, and ensuring secure application standards are met across the Federal Reserve System.
Banking, Finance, Financial Services
Responsibilities
Participate in and lead architectural discussions with technical and management audiences while partnering with clients and other resources to detect important architectural gaps in the systems infrastructure
Develop implementable solutions to close architectural gaps, based on architectural principles and best practices
Design information security architecture standards with accompanying documentation, including checklists and quick guides that are consumable and usable System-wide
Research and identify information security best practice methods and the latest technologies, assessing potential value to our organization
Communicate complex security architectural concepts and principles to all audiences
Build bi-directional partnerships with customers and FRS IT, application development, and architect communities across the System and provide specialized expertise on complex security technology matters
Educate senior management on security architecture direction, strategies, and practical application
Initiate and guide projects with diverse groups of partners to improve our information security landscape
Architect, configure, and deploy the Federal Reserve's Identity Governance and Administration (IGA) platform to manage identity lifecycles, access requests, role mining, and certifications across hybrid environments
Design the target-state IAM architecture, integrating the IGA platform with enterprise directories (Active Directory, Azure AD), HR and ERP systems, and key business applications
Develop identity data models, integration frameworks, and automation workflows aligned with security and compliance requirements
Establish governance for role-based access control (RBAC), attribute-based access control (ABAC), segregation of duties (SoD), and access certification programs consistent with organizational risk posture
Partner with product owners, system engineers, and compliance teams to ensure that identity processes support audit readiness, incident response, and data protection mandates
Provide technical mentorship and architectural oversight to engineering and implementation teams
Contribute to the development of enterprise IAM strategy, standards, and roadmaps, ensuring alignment with evolving security and business requirements
Qualification
Required
Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field (Master's preferred)
8+ years of experience in Identity and Access Management or Security Architecture in mission-critical enterprise environments
3+ years of direct hands-on experience with a leading IGA platform, including connector development, workflow design, and access governance configuration
Demonstrated experience integrating IGA platforms with: Active Directory / Azure AD, HR systems (Workday, PeopleSoft), Cloud environments (AWS, Azure), ServiceNow and other enterprise applications
Strong understanding of identity lifecycle management, access certification, entitlement governance, and SoD enforcement
Familiarity with authentication and authorization standards (SAML, OAuth2, OIDC, SCIM, LDAP)
Solid understanding of NIST frameworks, Zero Trust principles, and federal identity modernization initiatives (ICAM, OMB M-22-09)
Proficiency with scripting and API integration (Python, PowerShell, REST) to automate identity data flows
Strong communication and documentation skills - able to translate architectural concepts for both executive and technical audiences
Preferred
Certified Engineer or Architect certifications for IGA systems, cloud service providers, and SaaS platforms
Experience with IAM IGA platforms such as Saviynt, SailPoint, ForgeRock, or CyberArk
Working knowledge of federated identity management and PIV/CAC integration
Familiarity with CISA Zero Trust Maturity Model and cloud identity governance best practices
Experience delivering IAM solutions within SAFe Agile and DevSecOps frameworks
Security certifications such as CISSP, CCSP, or GIAC IAM
Benefits
Tuition assistance
Generous paid time off
Top-notch health care benefits
Child and family care leave
Professional development opportunities
A 401(k) match
Pension
Great medical benefits
Pension and 401(k) with employer match
Paid time off
Tuition reimbursement
Paid volunteer leave
Onsite amenities that make working here fun
Company
Federal Reserve Bank of San Francisco
We are the Federal Reserve Bank of San Francisco—public servants with a mission to advance the nation’s monetary, financial, and payment systems to build a stronger economy for all Americans.
Funding
Current Stage
Late Stage