Director, Infrastructure Engineer (Cloud Engineering)
About The Position
At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide. Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary. We’re seeking a future team member for the role of Cloud Engineering to join our Cloud Platform Engineering organization. This role is located in New York City, Pittsburgh, or Lake Mary. In this role, you’ll make an impact in the following ways: Define and govern cloud identity and access architecture across AWS, Azure, GCP, OCI, and SaaS platforms to meet business, security, and compliance objectives Design and implement federation, single sign-on (SSO), and identity integration patterns using SAML, OAuth, OIDC, and related enterprise authentication standards Lead SCIM-based provisioning, deprovisioning, and identity lifecycle automation to strengthen joiner, mover, leaver controls across cloud and SaaS services Establish secure SaaS connectivity patterns, access controls, and trust relationships for enterprise platforms and third-party integrations Drive multicloud security strategy for human and machine identities, including privileged access, service accounts, secrets, and workload identity controls Partner with security, networking, platform, application, and compliance teams to implement least privilege, strong authentication, and policy-based access governance Define guardrails, standards, KPIs, and operational playbooks for identity security, access reviews, audit readiness, and continuous improvement Recruit, mentor, and develop a high-performing engineering team while guiding architecture, automation, and secure platform adoption Influence product, security, networking, compliance, and data teams to harness best-practice cloud solutions Research emerging technologies (serverless, edge, cloud AI), drive POCs, and translate findings into actionable initiatives Establish KPIs/SLIs/SLO, dashboards, and playbooks for performance, reliability, and cost optimization Recruit, mentor, and develop a world-class team, fostering collaboration, curiosity, and a metrics-driven mindset Architect and oversee IaC (Terraform, CloudFormation), container platforms (Kubernetes, Docker), and CI/CD pipelines
Requirements
- 10+ years designing and operating enterprise cloud and identity platforms, with 5+ years in leadership
- Deep expertise in Cloud Security and IAM across AWS, Azure, GCP, OCI, and major SaaS platforms
- Strong hands-on experience with federation, SSO, SCIM, MFA, identity lifecycle management, and privileged access controls
- Strong understanding of authentication and authorization standards including SAML, OAuth 2.0, OpenID Connect, and modern identity architectures
- Experience securing SaaS integrations, third-party connectivity, and cross-platform trust relationships in regulated environments
- Proven ability to influence business and technical stakeholders and communicate complex identity and security concepts to executives and engineers alike
Responsibilities
- Define and govern cloud identity and access architecture across AWS, Azure, GCP, OCI, and SaaS platforms to meet business, security, and compliance objectives
- Design and implement federation, single sign-on (SSO), and identity integration patterns using SAML, OAuth, OIDC, and related enterprise authentication standards
- Lead SCIM-based provisioning, deprovisioning, and identity lifecycle automation to strengthen joiner, mover, leaver controls across cloud and SaaS services
- Establish secure SaaS connectivity patterns, access controls, and trust relationships for enterprise platforms and third-party integrations
- Drive multicloud security strategy for human and machine identities, including privileged access, service accounts, secrets, and workload identity controls
- Partner with security, networking, platform, application, and compliance teams to implement least privilege, strong authentication, and policy-based access governance
- Define guardrails, standards, KPIs, and operational playbooks for identity security, access reviews, audit readiness, and continuous improvement
- Recruit, mentor, and develop a high-performing engineering team while guiding architecture, automation, and secure platform adoption
- Influence product, security, networking, compliance, and data teams to harness best-practice cloud solutions
- Research emerging technologies (serverless, edge, cloud AI), drive POCs, and translate findings into actionable initiatives
- Establish KPIs/SLIs/SLO, dashboards, and playbooks for performance, reliability, and cost optimization
- Recruit, mentor, and develop a world-class team, fostering collaboration, curiosity, and a metrics-driven mindset
- Architect and oversee IaC (Terraform, CloudFormation), container platforms (Kubernetes, Docker), and CI/CD pipelines
Benefits
- highly competitive compensation
- benefits
- wellbeing programs
- generous paid leaves
- paid volunteer time
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Director
Education Level
No Education Listed
