Director, Infrastructure Engineer (Cloud Engineering)
About The Position
At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide. Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary. We’re seeking a future team member for the role of Cloud Engineering to join our Cloud Platform Engineering organization. This role is located in New York City, Pittsburgh, or Lake Mary.
Requirements
- 10+ years designing and operating enterprise cloud and identity platforms, with 5+ years in leadership
- Deep expertise in Cloud Security and IAM across AWS, Azure, GCP, OCI, and major SaaS platforms
- Strong hands-on experience with federation, SSO, SCIM, MFA, identity lifecycle management, and privileged access controls
- Strong understanding of authentication and authorization standards including SAML, OAuth 2.0, OpenID Connect, and modern identity architectures
- Experience securing SaaS integrations, third-party connectivity, and cross-platform trust relationships in regulated environments
- Proven ability to influence business and technical stakeholders and communicate complex identity and security concepts to executives and engineers alike
Responsibilities
- Define and govern cloud identity and access architecture across AWS, Azure, GCP, OCI, and SaaS platforms to meet business, security, and compliance objectives
- Design and implement federation, single sign-on (SSO), and identity integration patterns using SAML, OAuth, OIDC, and related enterprise authentication standards
- Lead SCIM-based provisioning, deprovisioning, and identity lifecycle automation to strengthen joiner, mover, leaver controls across cloud and SaaS services
- Establish secure SaaS connectivity patterns, access controls, and trust relationships for enterprise platforms and third-party integrations
- Drive multicloud security strategy for human and machine identities, including privileged access, service accounts, secrets, and workload identity controls
- Partner with security, networking, platform, application, and compliance teams to implement least privilege, strong authentication, and policy-based access governance
- Define guardrails, standards, KPIs, and operational playbooks for identity security, access reviews, audit readiness, and continuous improvement
- Recruit, mentor, and develop a high-performing engineering team while guiding architecture, automation, and secure platform adoption
- Influence product, security, networking, compliance, and data teams to harness best-practice cloud solutions
- Research emerging technologies (serverless, edge, cloud AI), drive POCs, and translate findings into actionable initiatives
- Establish KPIs/SLIs/SLOs, dashboards, and playbooks for performance, reliability, and cost optimization
- Recruit, mentor, and develop a world-class team, fostering collaboration, curiosity, and a metrics-driven mindset
- Architect and oversee IaC (Terraform, CloudFormation), container platforms (Kubernetes, Docker), and CI/CD pipelines
Benefits
- highly competitive compensation
- benefits
- wellbeing programs
- generous paid leaves
- paid volunteer time
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Director
Education Level
No Education Listed
