VP, Identity & Access Management - BISO
Jefferies · Jersey City, NJ · 1 wk ago
Management$145k–$200k/yrFull-time
Key Responsibilities
- Lead the day-to-day execution of the enterprise Segregation of Duties (SoD) initiative, including risk assessment, policy enforcement, and remediation tracking.
- Partner with business owners, IT application teams, and control partners to define, validate, and refine SoD rulesets and conflict matrices.
- Facilitate prioritization of SoD issues and deliver regular reporting to senior stakeholders, including dashboards and KPI tracking.
- Act as the primary liaison between Global Information Security and assigned business units, understanding their processes, applications, and risk landscape.
- Conduct workshops, working sessions, and recurring governance meetings with business and IT teams (e.g., SOD Weekly Management Connect) to drive alignment and resolve issues.
- Communicate program updates, risks, and requirements to senior leaders in a clear and actionable manner.
- Collaborate with application owners to ensure appropriate role design, access certifications, and control implementation that reduce SoD violations.
- Support annual and ongoing certification cycles, partnering with business and technology teams (e.g., 2026 Certification Process sessions) to ensure compliant execution.
- Work with audit, compliance, and risk teams to support assessments and drive closure of identified issues.
- Maintain and enhance SoD standards, procedures, and governance artifacts.
- Recommend and drive improvements to tooling, automation, reporting, and integration with IAM systems (e.g., IGA platform, entitlement data quality, and application onboarding).
- Monitor control performance and identify opportunities to tighten controls or reduce manual effort.
- Cross-functional Collaboration
- Coordinate with IAM engineering, security architecture, compliance, internal audit, application teams, and external partners.
- Serve as an internal subject matter expert on SoD and access risk.
Required Qualifications
- 5–10 years of experience in Information Security, Risk Management, IT Governance, Identity & Access Management, or related fields.
- Direct experience with Segregation of Duties frameworks, access control models, and entitlement governance.
- Strong understanding of business processes in financial services (e.g., trade lifecycle, finance, operations, regulatory reporting).
- Proven track record of managing cross-functional programs and driving outcomes with business and technology teams.
- Exceptional communication, facilitation, and relationship-building skills.
- Ability to interpret complex technical and business issues and translate them into actionable plans.