IAM Architect, Advanced

Federal Reserve Bank•Richmond, VA

32d•$136,000 - $187,000•Onsite

About The Position

Our National IT Office of the Chief Information Security Officer (OCISO) team has an immediate opening for an Advanced Architect to join their Enterprise Security Architecture & Engineering team. This is an individual contributor role that will report to the Senior ESAE Manager. The Identity and Access Management (IAM) Advanced Architect role will work with business areas and Federal Reserve National IT (NIT) product lines to develop and implement architecture strategies, detailed designed standards, and reference architectures. The architect is knowledgeable of multiple architecture domains and is adept at working across the enterprise. The IAM Architect is responsible for leading the National IT Identity and Access Management ecosystem, driving the IAM program to modernize application authentication, authorization and security capabilities. This role will drive customer IAM security policies, ensuring application secure by design standards are met by Federal Reserve System (FRS) business units. The Identity and Access Management Architect will serve as the detailed design lead IAM technical point of contact for the Identity and Access Management program, responsible for developing customer facing IAM application standards, including authentication and authorization mechanisms.

Requirements

Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field (Master's preferred).
8+ years of experience in Identity and Access Management or Security Architecture in mission-critical enterprise environments.
3+ years of direct hands-on experience with a leading IGA platform, including connector development, workflow design, and access governance configuration.
Demonstrated experience integrating IGA platforms with: Active Directory / Azure AD HR systems (Workday, PeopleSoft) Cloud environments (AWS, Azure) ServiceNow and other enterprise applications
Strong understanding of identity lifecycle management, access certification, entitlement governance, and SoD enforcement.
Familiarity with authentication and authorization standards (SAML, OAuth2, OIDC, SCIM, LDAP).
Solid understanding of NIST frameworks, Zero Trust principles, and federal identity modernization initiatives (ICAM, OMB M-22-09).
Proficiency with scripting and API integration (Python, PowerShell, REST) to automate identity data flows.
Strong communication and documentation skills - able to translate architectural concepts for both executive and technical audiences.

Nice To Haves

Certified Engineer or Architect certifications for IGA systems, cloud service providers, and SaaS platforms.
Experience with IAM IGA platforms such as Saviynt, SailPoint, ForgeRock, or CyberArk.
Working knowledge of federated identity management and PIV/CAC integration.
Familiarity with CISA Zero Trust Maturity Model and cloud identity governance best practices.
Experience delivering IAM solutions within SAFe Agile and DevSecOps frameworks.
Security certifications such as CISSP, CCSP, or GIAC IAM.

Responsibilities

Participate in and lead architectural discussions with technical and management audiences while partnering with clients and other resources to detect important architectural gaps in the systems infrastructure.
Develop implementable solutions to close architectural gaps, based on architectural principals and best practices.
Design information security architecture standards with accompanying documentation, including checklists and quick guides that are consumable and usable System-wide.
Research and identify information security best practice methods and the latest technologies, assessing potential value to our organization.
Communicate complex security architectural concepts and principals to all audiences.
Build bi-directional partnerships with customers and FRS IT, application development, and architect communities across the System and provide specialized expertise on complex security technology matters.
Educate senior management on security architecture direction, strategies, and practical application.
Initiate and guide projects with diverse groups of partners to improve our information security landscape.
Architect, configure, and deploy the Federal Reserve's Identity Governance and Administration (IGA) platform to manage identity lifecycles, access requests, role mining, and certifications across hybrid environments.
Design the target-state IAM architecture, integrating the IGA platform with enterprise directories (Active Directory, Azure AD), HR and ERP systems, and key business applications.
Develop identity data models, integration frameworks, and automation workflows aligned with security and compliance requirements.
Establish governance for role-based access control (RBAC), attribute-based access control (ABAC), segregation of duties (SoD), and access certification programs consistent with organizational risk posture.
Partner with product owners, system engineers, and compliance teams to ensure that identity processes support audit readiness, incident response, and data protection mandates.
Provide technical mentorship and architectural oversight to engineering and implementation teams.
Contribute to the development of enterprise IAM strategy, standards, and roadmaps, ensuring alignment with evolving security and business requirements.