PAM Governance Engineer, VP
About The Position
The Infrastructure Access and Privileged Management (IAPM) Governance Vice President plays a critical role in establishing and maintaining the firm’s privileged access governance framework. This position provides enterprise-wide oversight of privileged access controls, ensuring alignment with internal risk standards, regulatory expectations, and audit requirements. The Vice President works closely with technology, security, risk, compliance, and audit partners to ensure privileged access is appropriately designed, governed, measured, and remediated across all platforms and environments. The role requires strong technical expertise in IAM and PAM solutions, strong critical thinking and problem-solving skills, and excellent communication skills.
What You Will Be Doing
- Lead cross-departmental teams to design and implement manual and automated controls for all PAM policies.
- Establish and enforce least-privilege standards, role categorization, entitlement governance, and access certification coverage for privileged access.
- Own and oversee PAM-related controls, metrics, and key risk indicators, including board-level and regulatory reporting.
- Develop, maintain, and execute IAM and PAM governance SOPs, ensuring processes are repeatable, defensible, and audit-ready.
- Partner with technology and platform owners to review privileged access designs, role changes, compensating controls, and remediation plans.
- Serve as a primary point of contact for audit, risk, and regulatory inquiries related to privileged and elevated access.
- Identify control gaps and emerging risks, drive remediation activities, and track issues to closure.
- Provide expert advisory guidance on privileged access solutions, including firecall access, time-bound access, MFA enforcement, and non-persistent access models.
- Ensure consistent governance and documentation across on-prem, cloud, and hybrid environments.
Required Qualifications
- 12+ years of experience in IAM or PAM related positions.
- Bachelor’s degree in a technical discipline or work experience in supporting infrastructure systems.
- Strong understanding and experience with IAM and PAM tools and processes, especially CyberArk and SailPoint.
- Strong understanding of Active Directory and Windows technologies.
- Understanding of cybersecurity principles related to privileged access management.
- Superior critical thinking and problem-solving skills.
- Proven success engaging with and influencing large groups of stakeholders across the enterprise.
- Excellent written and verbal communications skills.
Pay
$120,000 - $202,500 Annual
Benefits
Employees are eligible to participate in State Street’s comprehensive benefits program, which includes:
- our retirement savings plan (401K) with company match;
- insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages;
- paid-time off including vacation, sick leave, short term disability, and family care responsibilities;
- access to our Employee Assistance Program;
- incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans);
- and, eligibility for certain tax advantaged savings plans.
For a full overview, visit https://hrportal.ehr.com/statestreet/Home.