Jobs · Engineering · Pennsylvania

Senior Vice President, Identity and Authentication Engineer

BNY · Pittsburgh, PA · 3 wk ago
EngineeringFull-time

About the role

We’re seeking a future team member for the role of Senior Vice President, Identity and Authentication Engineer to join our Identity and Access Management team. This role is in Pittsburgh, PA or Lake Mary, FL.

Responsibilities

  • Design, implement, and support a highly available and scalable SiteMinder federation and web access management environment across enterprise platforms.
  • Lead the configuration and maintenance of federation services using industry-standard protocols such as SAML 2.0, OAuth, and OpenID Connect, including Identity Provider (IdP) and Service Provider (SP) integrations.
  • Develop and manage access control policies, realms, rules, and responses to secure critical applications, data, and enterprise resources.
  • Partner with application, infrastructure, and security teams to deliver seamless single sign-on (SSO) integrations, troubleshoot complex authentication and authorization issues, and enhance the overall user access experience.
  • Build and support automation solutions to streamline onboarding, configuration, deployment, monitoring, and operational support activities across the identity and access management environment.

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related discipline, or equivalent combination of education and practical experience.
  • 10-12 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.
  • Significant experience supporting enterprise identity and access management platforms, with strong expertise in SiteMinder administration and federation services.
  • Demonstrated hands-on experience with single sign-on and federation technologies, including SAML, OAuth and OpenID Connect.
  • Hands-on experience implementing and supporting Azure AD / Microsoft Entra ID SSO, including application integration, conditional access considerations, and federation with enterprise identity platforms.
  • Strong knowledge of LDAP concepts, directory structures, schema, queries, authentication flows, and integration with enterprise identity stores.
  • Strong development and scripting skills with experience in automation using technologies such as Python, Shell scripting, PowerShell, REST APIs, or similar tools.
  • Strong understanding of authentication, authorization, SSL/TLS, certificate management, and secure access controls within complex enterprise environments.
  • Excellent problem-solving, collaboration, and communication skills, with the ability to work effectively across cross-functional teams and support mission-critical authentication services.

Qualifications

To be successful in this role, we’re seeking the following:

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related discipline, or equivalent combination of education and practical experience.
  • 10-12 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.
  • Significant experience supporting enterprise identity and access management platforms, with strong expertise in SiteMinder administration and federation services.
  • Demonstrated hands-on experience with single sign-on and federation technologies, including SAML, OAuth and OpenID Connect.
  • Hands-on experience implementing and supporting Azure AD / Microsoft Entra ID SSO, including application integration, conditional access considerations, and federation with enterprise identity platforms.
  • Strong knowledge of LDAP concepts, directory structures, schema, queries, authentication flows, and integration with enterprise identity stores.
  • Strong development and scripting skills with experience in automation using technologies such as Python, Shell scripting, PowerShell, REST APIs, or similar tools.
  • Strong understanding of authentication, authorization, SSL/TLS, certificate management, and secure access controls within complex enterprise environments.
  • Excellent problem-solving, collaboration, and communication skills, with the ability to work effectively across cross-functional teams and support mission-critical authentication services.

Skills

  • Experience with SiteMinder administration and federation services.
  • Hands-on experience with SAML, OAuth, and OpenID Connect.
  • Experience with Azure AD / Microsoft Entra ID SSO, including application integration, conditional access considerations, and federation with enterprise identity platforms.
  • Strong knowledge of LDAP concepts, directory structures, schema, queries, authentication flows, and integration with enterprise identity stores.
  • Strong development and scripting skills with experience in automation using technologies such as Python, Shell scripting, PowerShell, REST APIs, or similar tools.
  • Strong understanding of authentication, authorization, SSL/TLS, certificate management, and secure access controls within complex enterprise environments.

Benefits

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter. BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.

Pay

The expected base salary for this position when employment commences can be found in the Job Info section at the bottom of the posting. Base salary offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. Base salary is only part of the total rewards package, which may include eligibility for an annual discretionary incentive award.

Schedule

If hired, the employee will be in an “at will” position and the Company reserves the right to modify base salary (as well as any other discretionary payments or compensation programs) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

Similar jobs