Federal Reserve Bank of Philadelphia
IAM Architect, Advanced
Federal Reserve Bank of Philadelphia, Richmond, Virginia, United States, 23214
Federal Reserve Bank of Richmond
When you join the Federal Reserve, the nation’s central bank, you will play a key role collaborating with leading tech professionals to strengthen and protect our economic, financial, and payments systems. We invest in contemporary and emerging technology each year to support the Federal Reserve and its economy, and we are building a dynamic team for the future.
About the Opportunity The National IT Office of the Chief Information Security Officer (OCISO) team has an immediate opening for an Advanced Architect to join the Enterprise Security Architecture & Engineering team. This individual contributor reports to the Senior ESAE Manager and focuses on the Identity and Access Management (IAM) domain.
What You Will Do
Participate in and lead architectural discussions with technical and management audiences.
Develop implementable solutions to close architectural gaps based on best practices.
Design information security architecture standards with documentation, checklists, and quick guides that are system‑wide.
Research and identify security best practices and emerging technologies for potential value to the organization.
Communicate complex security architectural concepts to all audiences.
Build bi‑directional partnerships with customers, FRS IT application development, and architect communities.
Educate senior management on security architecture direction and practical application.
Initiate and guide projects with diverse partners to improve the information security landscape.
Architect, configure, and deploy the Federal Reserve’s Identity Governance and Administration (IGA) platform.
Design the target‑state IAM architecture integrating IGA with directories (Active Directory, Azure AD), HR and ERP systems, and key applications.
Develop identity data models, integration frameworks, and automation workflows aligned with security and compliance requirements.
Establish governance for RBAC, ABAC, SoD, and access certification programs consistent with risk posture.
Partner with product owners, engineers, and compliance teams to ensure identity processes support audit readiness and data protection mandates.
Provide technical mentorship and architectural oversight to engineering and implementation teams.
Contribute to enterprise IAM strategy, standards, and roadmaps aligning with evolving security and business requirements.
Qualifications
Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred).
8+ years of experience in Identity and Access Management or Security Architecture in mission‑critical enterprise environments.
3+ years of direct hands‑on experience with a leading IGA platform, including connector development, workflow design, and access governance configuration.
Experience integrating IGA platforms with Active Directory / Azure AD, HR systems (Workday, PeopleSoft), and cloud environments (AWS, Azure).
Strong understanding of identity lifecycle management, access certification, entitlement governance, and SoD enforcement.
Familiarity with authentication and authorization standards (SAML, OAuth2, OIDC, SCIM, LDAP).
Solid understanding of NIST frameworks, Zero Trust principles, and federal identity modernization initiatives.
Proficiency with scripting and API integration (Python, PowerShell, REST) to automate identity data flows.
Excellent communication and documentation skills – able to translate architectural concepts for executive and technical audiences.
Preferred Qualifications
Certified Engineer or Architect certifications for IGA systems, cloud service providers, and SaaS platforms.
Experience with IAM/IGA platforms such as Saviynt, SailPoint, ForgeRock, or CyberArk.
Working knowledge of federated identity management and PIV / CAC integration.
Familiarity with CISA Zero Trust Maturity Model and cloud identity governance best practices.
Experience delivering IAM solutions within SAFe Agile and DevSecOps frameworks.
Security certifications such as CISSP, CCSP, or GIAC IAM.
Benefits
Great medical benefits
Pension and 401(k) with employer match
Paid time off
Tuition reimbursement
Paid volunteer leave
Onsite amenities that make working here fun
Tuition assistance and comprehensive benefits package
Other Requirements and Considerations Candidates should review the Bank’s Employee Code of Conduct to ensure compliance with conflict‑of‑interest rules and personal investment restrictions. Assistance or accommodations for disabilities must be requested through the appropriate channel. Sponsorship is not available for this role. The selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Eligibility requires U.S. citizenship or at least three years of permanent resident (Green Card) status. Onsite presence at a Federal Reserve Bank location is required.
The hiring range for the Advanced Architect is $136,000 – $187,000 annually. For candidates located near other National IT locations outside Richmond, VA the salary may be adjusted based on geographic location. Salary offered will be based on job responsibilities and individual knowledge, skills, and experience as defined in the job qualifications.
Applications are reviewed on a rolling basis. Interested candidates are strongly encouraged to apply by November 7, 2025.
Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
Key Skills
APIs
Pegasystems
Spring
SOAP
.NET
Hybris
Solution Architecture
Service‑Oriented Architecture
Adobe Experience Manager
J2EE
Java
Oracle
#J-18808-Ljbffr
When you join the Federal Reserve, the nation’s central bank, you will play a key role collaborating with leading tech professionals to strengthen and protect our economic, financial, and payments systems. We invest in contemporary and emerging technology each year to support the Federal Reserve and its economy, and we are building a dynamic team for the future.
About the Opportunity The National IT Office of the Chief Information Security Officer (OCISO) team has an immediate opening for an Advanced Architect to join the Enterprise Security Architecture & Engineering team. This individual contributor reports to the Senior ESAE Manager and focuses on the Identity and Access Management (IAM) domain.
What You Will Do
Participate in and lead architectural discussions with technical and management audiences.
Develop implementable solutions to close architectural gaps based on best practices.
Design information security architecture standards with documentation, checklists, and quick guides that are system‑wide.
Research and identify security best practices and emerging technologies for potential value to the organization.
Communicate complex security architectural concepts to all audiences.
Build bi‑directional partnerships with customers, FRS IT application development, and architect communities.
Educate senior management on security architecture direction and practical application.
Initiate and guide projects with diverse partners to improve the information security landscape.
Architect, configure, and deploy the Federal Reserve’s Identity Governance and Administration (IGA) platform.
Design the target‑state IAM architecture integrating IGA with directories (Active Directory, Azure AD), HR and ERP systems, and key applications.
Develop identity data models, integration frameworks, and automation workflows aligned with security and compliance requirements.
Establish governance for RBAC, ABAC, SoD, and access certification programs consistent with risk posture.
Partner with product owners, engineers, and compliance teams to ensure identity processes support audit readiness and data protection mandates.
Provide technical mentorship and architectural oversight to engineering and implementation teams.
Contribute to enterprise IAM strategy, standards, and roadmaps aligning with evolving security and business requirements.
Qualifications
Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred).
8+ years of experience in Identity and Access Management or Security Architecture in mission‑critical enterprise environments.
3+ years of direct hands‑on experience with a leading IGA platform, including connector development, workflow design, and access governance configuration.
Experience integrating IGA platforms with Active Directory / Azure AD, HR systems (Workday, PeopleSoft), and cloud environments (AWS, Azure).
Strong understanding of identity lifecycle management, access certification, entitlement governance, and SoD enforcement.
Familiarity with authentication and authorization standards (SAML, OAuth2, OIDC, SCIM, LDAP).
Solid understanding of NIST frameworks, Zero Trust principles, and federal identity modernization initiatives.
Proficiency with scripting and API integration (Python, PowerShell, REST) to automate identity data flows.
Excellent communication and documentation skills – able to translate architectural concepts for executive and technical audiences.
Preferred Qualifications
Certified Engineer or Architect certifications for IGA systems, cloud service providers, and SaaS platforms.
Experience with IAM/IGA platforms such as Saviynt, SailPoint, ForgeRock, or CyberArk.
Working knowledge of federated identity management and PIV / CAC integration.
Familiarity with CISA Zero Trust Maturity Model and cloud identity governance best practices.
Experience delivering IAM solutions within SAFe Agile and DevSecOps frameworks.
Security certifications such as CISSP, CCSP, or GIAC IAM.
Benefits
Great medical benefits
Pension and 401(k) with employer match
Paid time off
Tuition reimbursement
Paid volunteer leave
Onsite amenities that make working here fun
Tuition assistance and comprehensive benefits package
Other Requirements and Considerations Candidates should review the Bank’s Employee Code of Conduct to ensure compliance with conflict‑of‑interest rules and personal investment restrictions. Assistance or accommodations for disabilities must be requested through the appropriate channel. Sponsorship is not available for this role. The selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Eligibility requires U.S. citizenship or at least three years of permanent resident (Green Card) status. Onsite presence at a Federal Reserve Bank location is required.
The hiring range for the Advanced Architect is $136,000 – $187,000 annually. For candidates located near other National IT locations outside Richmond, VA the salary may be adjusted based on geographic location. Salary offered will be based on job responsibilities and individual knowledge, skills, and experience as defined in the job qualifications.
Applications are reviewed on a rolling basis. Interested candidates are strongly encouraged to apply by November 7, 2025.
Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
Key Skills
APIs
Pegasystems
Spring
SOAP
.NET
Hybris
Solution Architecture
Service‑Oriented Architecture
Adobe Experience Manager
J2EE
Java
Oracle
#J-18808-Ljbffr