Key skills
AWSAzureCloudCyber SecurityGoogle Cloud PlatformVaultAnalyticsGCPGoogle CloudIAMCI/CDLeadershipResource PlanningCloud SecurityZero Trust
About this role
Role Overview
- Shape and execute Vanguard’s global PAM strategy, roadmap, and operating model
- aligning to enterprise risk reduction and Zero Trust principles
- Represent the PAM program in executive forums, risk committees, and governance bodies, providing vision, metrics, and KPIs
- Lead, inspire, and develop engineering teams covering credential vaulting, secrets management, session monitoring, JIT access, and cloud PAM capabilities
- Drive a culture of innovation, technical excellence, and continuous improvement
- Design, maintain, and enforce enterprise‑wide PAM policies that balance security, usability, and operational efficiency
- Partner with Risk, Compliance, Legal, and Audit teams to ensure PAM policies meet regulatory, audit, and control requirements
- Translate strategy into actionable delivery plans with measurable milestones and outcomes with a direct focus on Just-in-Time capabilities
- Oversee design, implementation, and scaling of enterprise PAM solutions (e.g., CyberArk, cloud-native PAM, secrets management platforms)
- Manage budgets, resource planning, capacity, performance evaluations, and vendor/partner relationships
- Partner with cybersecurity, cloud engineering, infrastructure, and application teams to integrate PAM into CI/CD pipelines, cloud entitlements, and privileged workflows
- Ensure PAM capabilities meet regulatory, audit, and compliance requirements across global environments.
Requirements
- Minimum 8 years in Cyber-security or IAM, with at least 4-6 years in leadership roles
- Bachelor's degree in computer science, Information Security, Engineering, or related fields
- Relevant certifications: CISSP, CISM, GIAC (GPAM, GCIH), or cloud security certifications (CCSP, AWS/Azure security)
- Experience in financial services or other heavily regulated industries is strongly preferred
- Deep experience implementing and managing enterprise PAM platforms (CyberArk, BeyondTrust, HashiCorp Vault, or equivalent)
- Strong understanding of Zero Trust, least privilege models, secrets management, credential lifecycle management, and identity centric security
- Experience securing hybrid and multi-cloud environments (AWS, Azure, GCP)
- Familiarity with session recording, JIT provisioning, privileged analytics, and automation
- Experience leading PAM integrations with SIEM, SOAR, EDR, and IGA/IDM Identity governance systems
- Knowledge of regulatory standards including SOX, SOC, SEC, GDPR & GS 007 guidelines.
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Google Cloud Platform
- Vault
Benefits
- comprehensive health and wellness care
- work-life balance
- an investment in your future