Create and Maintain Strategic Roadmaps: Develop and execute multi-year roadmaps to drive innovation, strengthen security posture, meet regulatory requirements, and streamline IAM operations—specifically for IAM assurance capabilities, control monitoring, and evidence automation.
Stakeholder Engagement: Build and nurture strong relationships across Security Operations, Technology Teams, Governance, Operational Risk, and Internal Audit, ensuring program alignment, audit readiness, and the ability to clearly demonstrate IAM control effectiveness to stakeholders and regulators.
Risk and Progress Management: Identify, assess, and mitigate technical and organizational risks while regularly reporting blockers, corrective actions, and program milestones to executive leadership; ensure timely remediation of control gaps and recurring defects.
Solution Design & Automation: Lead and contribute to designing technical solutions for complex automation use cases, driving operational efficiency and scalability—especially automation to detect, track, and remediate IAM control defects.
Program Integrity: Ensure standards, policies, and procedures are accurately documented and officially maintained for audit and compliance requirements; recommend updates to IAM standards based on security threats, regulatory expectations, and industry trends.
Performance Tracking: Define, implement, and monitor Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) to measure program maturity and overall effectiveness, including assurance coverage, control pass rates, remediation SLAs, defect recurrence, and reporting timeliness/accuracy.
Assurance Operations Leadership: Lead assurance activities to track, validate, and remediate key logical access and authentication controls across centralized IAM services (e.g., Active Directory, Oracle LDAP, Beyond Identity) and decentralized implementations as applicable.
Assurance Reporting Platform Ownership: Manage and evolve the IAM assurance reporting platform(s) used to monitor adherence to Synchrony standards, control design, and operational effectiveness; ensure reporting is accurate, resilient, and audit-ready.
Agile Partnership with Product Owners: Partner with IAM product owners and delivery teams using Agile methodologies to prioritize and implement control improvements, balancing risk reduction with service stability and customer impact.
Control Evidence & Audit Support: Ensure the organization can efficiently produce high-quality evidence for SOX, PCI, and other examinations; proactively address audit issues with root-cause correction and sustainable control improvements.
Documentation & Enablement: Oversee creation, maintenance, and review of operational process documentation and end-user/training materials needed to support consistent execution of IAM assurance activities.
Problem Resolution: Independently resolve technical challenges while escalating issues with clarity when necessary. Perform other critical duties or special projects as assigned.
Requirements
BS/BA in Computer Science, Information Technology, Cybersecurity, Business Management, or equivalent, plus 10+ years of IT experience, OR, in lieu of a degree, 12+ years of IT experience demonstrating progressive responsibility.
Minimum 5 years of experience leading multiple IAM service products (e.g., authentication, privileged access, identity governance) and driving outcomes across both centralized and distributed service models.
Minimum 5 years of experience developing and improving IAM service processes and reporting on IAM service key controls (design and operating effectiveness).
Minimum 3 years leading operations or assurance teams, including continuous monitoring, issue management, and control remediation.
At least 2 years working with Agile methodologies in roles such as Product Owner, Scrum Master, or Technical Lead.
Minimum 2 years of people management experience, leading teams of 2+ engineers or contractors.
Strong understanding of IAM directory services, such as Active Directory, LDAP, Oracle LDAP, or similar.
Experience with assurance reporting, control monitoring dashboards, and/or metrics platforms used to track compliance and remediation status.
Hands-on experience with Security Control Design and Security Assurance Operations, including defining controls, validating operating effectiveness, and driving remediation.
Hands-on experience with Unix/Linux Server Access Administration and access security.
Experience supporting or integrating IAM platforms and processes such as ServiceNow, SailPoint IdentityIQ, privileged access tooling (e.g., Bomgar/BeyondTrust), and authentication technologies (e.g., RSA Authentication Manager or equivalents).