Lead Application Architect

Federal Reserve Bank of Boston
Federal Reserve Bank of Boston

IT

Boston, MA, USA

Posted on Jul 9, 2026

Company

Federal Reserve Bank of San FranciscoWe are seeking a highly experienced Saviynt Identity Governance and Administration (IGA) Lead Engineer / Architect to provide technical leadership, platform ownership, and post-go-live support for our Saviynt IGA environment.

This role will serve as the primary technical lead responsible for ensuring the platform is stable, secure, scalable, well documented, and ready for enterprise production operations.

The ideal candidate is a seasoned IAM, cybersecurity, data, and systems engineering professional with handson experience in Saviynt or comparable SaaS IGA platforms. This person will lead technical design, train and mentor the internal team, support go-live readiness, and guide the long-term IGA strategy after implementation.

Responsibilities

  • Serve as the lead engineer and technical architect for the SaaS IGA platform.
  • Own platform design, configuration, validation, troubleshooting, production readiness, and post-go-live stabilization.
  • Validate Joiner-Mover-Leaver processes, including onboarding, transfers, terminations, rehires, and deprovisioning.
  • Ensure connector stability, account aggregation, entitlement aggregation, provisioning, deprovisioning, and reconciliation accuracy.
  • Configure and support access request workflows, approval routing, access certifications, role models, policies, and provisioning rules.
  • Partner with IAM, cybersecurity, HR, infrastructure, application owners, audit/compliance, and vendor teams.
  • Lead root-cause analysis and resolution of complex platform, workflow, connector, data, and provisioning issues.
  • Analyze identity data, account data, entitlement data, access models, and provisioning outcomes to identify risks and improve accuracy.
  • Support audit, compliance, least-privilege, access review, privileged access, and segregation-of-duties requirements.
  • Develop technical documentation, runbooks, operating procedures, support guides, and knowledge transfer materials.
  • Train, mentor, and guide IAM engineers and support teams on Saviynt operations, troubleshooting, and best practices.
  • Provide strategic recommendations to improve IGA maturity, automation, scalability, security, and operational efficiency.

Qualifications

  • Extensive hands-on experience with Saviynt IGA or comparable SaaS IGA platforms.
  • Strong background in Identity Governance and Administration, IAM, cybersecurity, access control, and enterprise security operations.
  • Experience with Joiner-Mover-Leaver processes, access requests, certifications, provisioning, role management, policy configuration, and application onboarding.
  • Strong understanding of connectors and integrations, including REST APIs, SCIM, JDBC, LDAP, SOAP, flat files, directories, SaaS applications, and enterprise systems.
  • Experience with HR source integrations, Active Directory, Microsoft Entra ID / Azure AD, cloud applications, and hybrid enterprise environments.
  • Strong data architecture and analytical skills, including identity data modeling, correlation, reconciliation, normalization, reporting, and data-quality analysis.
  • Systems engineering experience with production platforms, infrastructure, monitoring, incident management, change control, release management, and operational support.
  • Cybersecurity experience with least privilege, access risk, privileged access, audit controls, compliance, segregation of duties, and secure integration practices.
  • Ability to troubleshoot complex issues across applications, infrastructure, identity data, workflows, connectors, and security controls.
  • Excellent communication, documentation, leadership, training, mentorship, and stakeholder-management skills.
  • Must be a U.S Citizen

Requirements

  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Information Technology, Data Engineering, Systems Engineering, or a related technical field required.
  • Equivalent combination of advanced technical certifications and extensive enterprise IAM/IGA experience may be considered in lieu of a degree.
  • Master's degree in Cybersecurity, Information Systems, Computer Science, Data Architecture, or a related discipline preferred.
  • 10 or more years of experience with all aspects of a project from design through development, testing, implementation, and production with extensive technical breadth through experience in the IT industry

Nice to have: (Certifications)

  • Saviynt IGA certification required or must be obtained within an agreed period after hire, such as Saviynt Certified IGA Professional, Saviynt Administrator, Saviynt Engineer, Saviynt Architect, or equivalent current Saviynt certification.
  • IGA/IAM certifications from other vendors or providers strongly preferred, including SailPoint, Okta, Ping Identity, CyberArk, Microsoft, Oracle, or equivalent identity and access management certifications.
  • Microsoft identity or cloud certifications preferred, such as Microsoft Entra ID, Azure Administrator, Azure Security Engineer, or related Microsoft security and identity credentials.
  • Cybersecurity certifications preferred, including CISSP, CISM, CISA, Security+, CCSP, or equivalent.
  • Cloud certifications preferred from AWS, Microsoft Azure, or Google Cloud, especially those focused on security, identity, architecture, or systems engineering.

Preferred Qualifications

  • Experience leading enterprise Saviynt implementations and post-go-live support.
  • Experience building operational support models for IGA platforms.
  • Experience with role mining, role engineering, access certification campaigns, application onboarding, and audit evidence preparation.
  • Experience working in regulated, audit-driven, or security-sensitive environments.
  • Strong SQL, reporting, data analysis, data governance, or data architecture experience.
  • Experience advising leadership on IAM strategy, IGA roadmap planning, risk reduction, and platform maturity.

#LI-Onsite

The selected candidate will reside within a reasonable commuting distance of the employing Reserve Bank and will work full-time onsite to satisfy or exceed the minimum number of onsite days required by the employing District. Reasonable commuting distance is defined as living within 50 miles a Reserve Bank location.

Base Salary Range: Min: $164,400 Mid: $213,500 Max: $262,600 (Location: San Francisco)

Final salary and offer will be determined by the applicant’s background, experience, skills, internal equity, and alignment with market data.

We offer a wonderful benefits package including: Medical, Dental, Vision, Pre-tax Flexible Spending Account, Backup Child Care Program, Pre-Tax Day Care Flexible Spending Account, Paid Family Care Leave, Vacation Days, Sick Days, Paid Holidays, Pet Insurance, Matching 401(k), and Retirement/Pension.

The Bank is committed to providing reasonable accommodations to individuals with disabilities to participate in the job application or interview process, perform essential job functions and receive other benefits and privileges of employment. The SF Fed is an Equal Opportunity Employer. If you need any assistance or accommodations due to a disability, please let us know at sf.hr.recruitment@sf.frb.org.

Full Time / Part Time

Full time

Regular / Temporary

Regular

Job Exempt (Yes / No)

Yes

Job Category

Information Technology Family Group

Work Shift

First (United States of America)

The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

Always verify and apply to jobs on Federal Reserve System Careers (https://rb.wd5.myworkdayjobs.com/FRS) or through verified Federal Reserve Bank social media channels.

Privacy Notice