IAM Architect, Advanced

CompanyFederal Reserve Bank of Richmond

When you join the Federal Reserve—the nation's central bank—you’ll play a key role, collaborating with leading tech professionals to strengthen and protect our economic, financial and payments systems. We invest in contemporary and emerging technology each year to support the Federal Reserve and our economy, and we’re building a dynamic team for our future.
Bring your passion and expertise, and we’ll provide the opportunities that will challenge you and propel your growth—along with a wide range of benefits and perks that support your health, wealth, and life. In addition to competitive compensation, we offer a comprehensive benefits package that includes tuition assistance, generous paid time off, top-notch health care benefits, child and family care leave, professional development opportunities, a 401(k) match, pension, and more. All brought together in a work environment where you can truly find balance.

About the Opportunity

Our National IT Office of the Chief Information Security Officer (OCISO) team has an immediate opening for an Advanced Architect to join their Enterprise Security Architecture & Engineering team. This is an individual contributor role that will report to the Senior ESAE Manager. 

The Identity and Access Management (IAM) Advanced Architect role will work with business areas and Federal Reserve National IT (NIT) product lines to develop and implement architecture strategies, detailed designed standards, and reference architectures. The architect is knowledgeable of multiple architecture domains and is adept at working across the enterprise. The IAM Architect is responsible for leading the National IT Identity and Access Management ecosystem, driving the IAM program to modernize application authentication, authorization and security capabilities.  This role will drive customer IAM security policies, ensuring application secure by design standards are met by Federal Reserve System (FRS) business units. The Identity and Access Management Architect will serve as the detailed design lead IAM technical point of contact for the Identity and Access Management program, responsible for developing customer facing IAM application standards, including authentication and authorization mechanisms.

What You Will Do:

• Participate in and lead architectural discussions with technical and management audiences while partnering with clients and other resources to detect important architectural gaps in the systems infrastructure.

• Develop implementable solutions to close architectural gaps, based on architectural principals and best practices.

• Design information security architecture standards with accompanying documentation, including checklists and quick guides that are consumable and usable System-wide.

• Research and identify information security best practice methods and the latest technologies, assessing potential value to our organization.

• Communicate complex security architectural concepts and principals to all audiences.

• Build bi-directional partnerships with customers and FRS IT, application development, and architect communities across the System and provide specialized expertise on complex security technology matters.

• Educate senior management on security architecture direction, strategies, and practical application.

• Initiate and guide projects with diverse groups of partners to improve our information security landscape.

• Architect, configure, and deploy the Federal Reserve's Identity Governance and Administration (IGA) platform to manage identity lifecycles, access requests, role mining, and certifications across hybrid environments.

• Design the target-state IAM architecture, integrating the IGA platform with enterprise directories (Active Directory, Azure AD), HR and ERP systems, and key business applications.

• Develop identity data models, integration frameworks, and automation workflows aligned with security and compliance requirements.

• Establish governance for role-based access control (RBAC), attribute-based access control (ABAC), segregation of duties (SoD), and access certification programs consistent with organizational risk posture.

• Partner with product owners, system engineers, and compliance teams to ensure that identity processes support audit readiness, incident response, and data protection mandates.

• Provide technical mentorship and architectural oversight to engineering and implementation teams.

• Contribute to the development of enterprise IAM strategy, standards, and roadmaps, ensuring alignment with evolving security and business requirements.

Qualifications:

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred).

• 8+ years of experience in Identity and Access Management or Security Architecture in mission-critical enterprise environments.

• 3+ years of direct hands-on experience with a leading IGA platform, including connector development, workflow design, and access governance configuration.

• Demonstrated experience integrating IGA platforms with:

  • Active Directory / Azure AD

  • HR systems (Workday, PeopleSoft)

  • Cloud environments (AWS, Azure)

  • ServiceNow and other enterprise applications

• Strong understanding of identity lifecycle management, access certification, entitlement governance, and SoD enforcement.

• Familiarity with authentication and authorization standards (SAML, OAuth2, OIDC, SCIM, LDAP).

• Solid understanding of NIST frameworks, Zero Trust principles, and federal identity modernization initiatives (ICAM, OMB M-22-09).

• Proficiency with scripting and API integration (Python, PowerShell, REST) to automate identity data flows.

• Strong communication and documentation skills - able to translate architectural concepts for both executive and technical audiences.

Preferred Qualifications:

• Certified Engineer or Architect certifications for IGA systems, cloud service providers, and SaaS platforms.

• Experience with IAM IGA platforms such as Saviynt, SailPoint, ForgeRock, or CyberArk.

• Working knowledge of federated identity management and PIV/CAC integration.

• Familiarity with CISA Zero Trust Maturity Model and cloud identity governance best practices.

• Experience delivering IAM solutions within SAFe Agile and DevSecOps frameworks.

• Security certifications such as CISSP, CCSP, or GIAC IAM.

Discover the Reason Why So Many People Love It Here! 

When you join Federal Reserve’s National IT organization, not only will you find a challenging and purposeful career, you’ll also have access to a wide range of benefits and perks that support your health and wealth, including: 

• Great medical benefits 

• Pension and 401(k) with employer match 

• Paid time off 

• Tuition reimbursement 

• Paid volunteer leave 

• Onsite amenities that make working here fun 

Other Requirements and Considerations:  

• Candidates should review the Bank’s Employee Code of Conduct to ensure compliance with conflict-of-interest rules and personal investment restrictions.

• If you need assistance or an accommodation due to a disability, please notify [email protected].

• Sponsorship is not available for this role. The selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Eligibility for this specific position requires U.S. Citizenship or three or more years of Permanent Resident (Green Card) status.

• Onsite presence required at a Federal Reserve Bank location.

• The hiring range for the Advanced Architect is $136,000 - $187,000 annually.

• For candidates located near other National IT locations, outside of Richmond, VA, the listed hiring and salary ranges may be adjusted based on your geographic location.

• Salary offered will be based on the job responsibilities and the individual’s knowledge, skills, and experience as defined in the job qualifications.

• Applications are reviewed on a rolling basis. Interested candidates are strongly encouraged to apply by November 7, 2025.

• Always verify and apply to jobs on Federal Reserve System Careers or through verified Federal Reserve Bank social media channels.

Full Time / Part TimeFull time

Regular / TemporaryRegular

Job Exempt (Yes / No)Yes

Job CategoryInformation Technology Family Group

Work ShiftFirst (United States of America)

The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

Always verify and apply to jobs on Federal Reserve System Careers (https://rb.wd5.myworkdayjobs.com/FRS) or through verified Federal Reserve Bank social media channels.

Privacy Notice