IAM/RBAC Engineer

IAM/RBAC Engineer

At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide.

Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what #Life AtBNY is all about. Join us and be part of something extraordinary.

We’re seeking a future team member for the role of IAM/RBAC Engineer to join our Global Technology team. This role is in Pittsburgh, PA and Lake Mary, FL.

In this role, you’ll make an impact in the following ways:

• Design, implement, and administer role-based access controls (RBAC) across Azure resources, defining and maintaining an enterprise role taxonomy.
• Enforce least-privilege access principles through security groups, role assignments, and Just-in-Time (JIT) privileged access workflows.
• Manage multi-factor authentication (MFA) and strong authenticator protection for privileged roles, including emergency access (“break-glass”) procedures.
• Develop and maintain IAM policies, conduct periodic access reviews, support audit readiness, and configure Azure-native monitoring and logging for identity and access events.

To be successful in this role, we’re seeking the following:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Professional certifications in relevant technologies or infrastructure management are preferred. EXPERIENCE: Typically 6-10 years of experience.SKILLS: - Expertise in infrastructure operations and production services management.
• Strong analytical and problem-solving capabilities.
• Excellent communication and leadership skills.
• Advanced hands-on experience with Microsoft Entra ID (formerly Azure AD), Azure RBAC, privileged identity management (PIM), and JIT access workflows.
• Proven expertise in Azure Policy, managed identities, and provisioning Azure AD administrator roles for services.
• Strong understanding of least-privilege access design, baseline configuration management, and maintaining accurate asset and data inventories.
• Demonstrated ability to author IAM policies and procedures, perform access reviews, and support audit evidence collection.
• Excellent communication and collaboration skills to work effectively across engineering, security, and operations teams.

At BNY, our culture speaks for itself, check out the latest BNY news at:

BNY Newsroom

BNY LinkedIn

Here’s a few of our recent awards:

America’s Most Innovative Companies, Fortune, 2025
World’s Most Admired Companies, Fortune 2025
“Most Just Companies”, Just Capital and CNBC, 2025

Our Benefits and Rewards:

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.

• BNY is an Equal Employment Opportunity/Affirmative Action Employer
• Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.