Lead Full-Stack Engineer - IAM

Lead Full-Stack Engineer - IAM

At BNY, our culture allows us to run our company better and enables employees' growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world's investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide.

Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance - and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary.

We're seeking a future team member for the role of Lead Full-Stack Engineer to join our Identity Access and Management team. This role can be in Pittsburgh, PA or Lake Mary, FL.

In this role, you'll make an impact in the following ways:

• Executive title with hands-on technical leadership. You will architect, code, and lead delivery of enterprise-scale IAM platforms and services. Own end-to-end solutions across authentication, authorization, identity lifecycle, and security posture. Partner with senior stakeholders to align technology strategy with business outcomes while mentoring engineers and driving best-in-class engineering practices.
• Lead full-stack delivery of secure, resilient IAM capabilities (authentication, authorization, identity lifecycle) across enterprise applications.
• Set technical direction for Java/Spring-based services and web apps; enforce standards for reliability, performance, and security.
• Raise the bar on security (MFA, OAuth2/OIDC, LDAP/AD integrations, API security, authorization models) and operational excellence.
• Reduce incidents via robust observability, disciplined incident/problem management, and root-cause remediation.
• Accelerate delivery through Git-based CI/CD, automated testing, and repeatable release processes.
• Mentor and grow engineering talent, foster ownership, clarity, and continuous improvement.
• Communicate architecture and trade-offs to senior leadership; align investments to measurable outcomes.
  
  

To be successful in this role, we're seeking the following:

• Education/Experience: Bachelor's in computer engineering (or equivalent); 12+ years in enterprise software; 5+ years leading teams/serving as tech lead.
• Architecture & Design: Proven ability to design scalable, secure, highly available systems; clear documentation; lead design reviews and decision-making.
• Engineering Stack: Java/J2EE, Spring (Boot/Core), Spring Security; Angular/TypeScript for front end with migration from legacy JSP to modern Angular; strong REST API design, versioning, testing, and governance; integration with enterprise identity providers.
• Identity & Access: LDAP, SiteMinder, Active Directory; authentication/authorization models; MFA design and implementation; SSO and federation fundamentals.
• Security: Web app security, API security, OAuth2/OpenID Connect, token flows, secure session management, threat modeling, and secure coding practices.
• Data & Persistence: Oracle (or similar DBMS); schema design, SQL optimization, transaction integrity, and performance tuning.
• DevOps & Delivery: Git-based CI/CD pipelines, automated testing, environment promotion, release readiness, secrets/config management.
• Reliability & Operations: Troubleshooting, incident/problem management, root-cause analysis; application debugging; performance profiling and optimization; observability (logging, metrics, tracing) and auditability.
• Leadership & Communication: Hands-on ownership, stakeholder management, clear communication of architecture/trade-offs to senior leadership; ability to mentor and coach engineers; strong interpersonal skills.

Preferred/bonus

• Experience with enterprise web app security reviews and threat modeling.
• Familiarity with authorization frameworks (RBAC/ABAC) and policy-as-code.
• Exposure to SSO, identity federation, and integrating with enterprise IdPs.

Role expectations

• 50-70% individual contribution (design, coding, reviews); remainder spent on technical leadership and stakeholder alignment.
• Own critical decisions, operational readiness, and measurable reliability/security outcomes.

At BNY, our culture speaks for itself, check out the latest BNY news at:

BNY Newsroom

BNY LinkedIn

Here's a few of our recent awards:

• America's Most Innovative Companies, Fortune, 2025
• World's Most Admired Companies, Fortune 2025
• "Most Just Companies", Just Capital and CNBC, 2025

Our Benefits and Rewards:

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life's journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.