BNY · 13 hours ago
Lead Full-Stack Engineer - IAM
500 Grant Street, Pittsburgh, PA, 15258, US
Full-time
Onsite
Lead/Staff
12+ years expBNY is a leading global financial services company that influences nearly 20% of the world’s investible assets. They are seeking a Lead Full-Stack Engineer to join their Identity Access and Management team, where the individual will architect and lead the delivery of enterprise-scale IAM platforms and services while mentoring engineers and aligning technology strategy with business outcomes.
Financial Services
Responsibilities
Executive title with hands-on technical leadership. You will architect, code, and lead delivery of enterprise-scale IAM platforms and services. Own end-to-end solutions across authentication, authorization, identity lifecycle, and security posture. Partner with senior stakeholders to align technology strategy with business outcomes while mentoring engineers and driving best-in-class engineering practices
Lead full-stack delivery of secure, resilient IAM capabilities (authentication, authorization, identity lifecycle) across enterprise applications
Set technical direction for Java/Spring-based services and web apps; enforce standards for reliability, performance, and security
Raise the bar on security (MFA, OAuth2/OIDC, LDAP/AD integrations, API security, authorization models) and operational excellence
Reduce incidents via robust observability, disciplined incident/problem management, and root-cause remediation
Accelerate delivery through Git-based CI/CD, automated testing, and repeatable release processes
Mentor and grow engineering talent, foster ownership, clarity, and continuous improvement
Communicate architecture and trade-offs to senior leadership; align investments to measurable outcomes
Qualification
Required
Bachelor's in computer engineering (or equivalent)
12+ years in enterprise software
5+ years leading teams/serving as tech lead
Proven ability to design scalable, secure, highly available systems
Clear documentation
Lead design reviews and decision-making
Java/J2EE, Spring (Boot/Core), Spring Security
Angular/TypeScript for front end with migration from legacy JSP to modern Angular
Strong REST API design, versioning, testing, and governance
Integration with enterprise identity providers
LDAP, SiteMinder, Active Directory
Authentication/authorization models
MFA design and implementation
SSO and federation fundamentals
Web app security, API security, OAuth2/OpenID Connect, token flows, secure session management, threat modeling, and secure coding practices
Oracle (or similar DBMS)
Schema design, SQL optimization, transaction integrity, and performance tuning
Git-based CI/CD pipelines
Automated testing
Environment promotion, release readiness, secrets/config management
Troubleshooting, incident/problem management, root-cause analysis
Application debugging
Performance profiling and optimization
Observability (logging, metrics, tracing) and auditability
Hands-on ownership
Stakeholder management
Clear communication of architecture/trade-offs to senior leadership
Ability to mentor and coach engineers
Strong interpersonal skills
Preferred
Experience with enterprise web app security reviews and threat modeling
Familiarity with authorization frameworks (RBAC/ABAC) and policy-as-code
Exposure to SSO, identity federation, and integrating with enterprise IdPs
Benefits
Highly competitive compensation
Benefits
Wellbeing programs
Flexible global resources and tools
Focus on your health
Foster your personal resilience
Reach your financial goals
Generous paid leaves
Paid volunteer time
Company
BNY
We help make money work for the world — managing it, moving it and keeping it safe.
10001+ employees
Funding
Current Stage
Late StageLeadership Team
Brian A. Ruane
CEO Government Securities Services & Global Client Management
Chris Kearns
CEO, Depositary Receipts
Recent News
PR Newswire
2024-11-01
Company data provided by crunchbase