Key skills
AWSAzureCloudGoogle Cloud PlatformSQLGCPGoogle CloudIAMOAuthSAMLLDAPActive DirectoryLeadershipRisk ManagementCommunication
About this role
Role Overview
- Drive operational excellence, foster innovation, and champion security and productivity.
- Design and maintain provisioning frameworks, collaborating with engineering partners to optimize permission models and tooling.
- Manage projects for implementing new security and privacy controls.
- Lead process enhancements and optimize access controls.
- Define audit and reporting mechanisms for both internal and vendor teams.
- Deliver best-in-class privacy and data protection for Operations.
- Measure, report, and govern privileged access controls to ensure compliance.
- Document and translate PAM (Privileged Access Management) requirements for technology partners.
- Work cross-functionally to develop and iterate on PAM requirements across Process, Data, and Technology domains.
- Partner with the policy governance team to socialize and publish updates to the PAM Standard.
- Apply mastery of authentication platforms to recommend policies and provisioning processes.
- Ensure alignment with industry regulations and standards, particularly within financial services.
- Proactively identify, assess, and mitigate PAM risks, driving continuous improvement and accountability.
- Report on existing and emerging PAM/information security risks to senior leadership with transparency and clarity.
- Design and execute thorough test strategies for privileged access processes, collaborate on defect resolution, and recommend improvements for usability, resilience, and security.
- Maintain clear, comprehensive records of policies, approval processes, and test outcomes.
- Stay up-to-date with emerging trends and best practices in privileged access management.
- Define and maintain access management policies for different user personas (admin, developer, user, viewer).
- Coach and train team members, ensuring accurate and efficient Human in the Loop processes.
- Oversee the full lifecycle of access (create, edit, delete, view, hide, etc.).
Requirements
- 8+ years of hands-on experience with Access and Privileged Access Management (PAM) operations in a technology-driven environment.
- Demonstrated experience in PAM operational tasks, including safe creation and management, privileged account onboarding, policy development, and least-privilege access model implementation.
- Solid background in identity and access management (IAM) principles and industry best practices.
- Experience with operationalizing Just-In-Time (JIT) privilege models, role-based access controls (RBAC), and enforcing Segregation of Duties (SoD).
- Working knowledge of authentication protocols (e.g., SAML, OAuth, OpenID Connect, Active Directory, LDAP, Kerberos).
- Familiarity with cloud-based privileged access management, including the classification and management of non-human identities (service accounts, API keys, etc.).
- Strong understanding of security standards and regulatory frameworks (NIST, ISO/IEC, FFIEC) relevant to access management.
- Strong SQL abilities, including querying and dashboard creation.
- Clear, concise communication skills, with a proven ability to collaborate across engineering, security, product, and operational teams without a technical background to drive alignment and best-in-class solutions.
- Experience in documenting policies, procedures, and reporting on PAM-related risk and compliance metrics.
- Demonstrated ownership and accountability for continuous improvement in PAM controls and risk management.
- Proactive in identifying and mitigating security risks related to privileged access.
- Comfortable working in a fast-paced environment and contributing to cross-functional or global initiatives.
- Demonstrated ability to build and coach teams.
- Familiarity with access management challenges specific to cloud-native environments (AWS, GCP, Azure).
- Involvement in developing or maintaining Privileged Access Management strategies that address both human and non-human identities, including business users, developers, and service accounts.
Tech Stack
- AWS
- Azure
- Cloud
- Google Cloud Platform
- SQL
Benefits
- This role may also be eligible for bonus, equity, benefits, and Employee Travel Credits.