VP, IAM Assurance Leader (L13)

Role Title: VP, IAM Assurance Leader (L13)

Role Summary/Purpose:

We are seeking an innovative and results-driven leader to serve as VP, IAM Assurance Leader, responsible for leading the IAM Services Assurance function overseeing key controls across all centralized and decentralized IAM services. This role will work closely with IAM product owners and engineering teams to ensure adherence to Synchrony IAM standards and regulatory requirements without disrupting operational delivery.

The ideal candidate will possess deep technical expertise and hands-on experience across IAM controls, assurance operations, and identity/authentication platforms (e.g., Active Directory, LDAP technologies, Beyond Identity, and related IAM services). As a strategic leader, you will guide teams, enable cross-functional collaboration, and drive continuous improvement in the effectiveness, reporting, and automation of IAM controls—particularly in critical areas such as logical access, authentication assurance, privileged access oversight, and control evidence for SOX/PCI and other regulatory obligations. You will blend technology insight with program management discipline to ensure success in execution and delivery, including the creation and modernization of assurance reporting capabilities and the automation of control remediation where appropriate.

Essential Responsibilities:

• Create and Maintain Strategic Roadmaps: Develop and execute multi-year roadmaps to drive innovation, strengthen security posture, meet regulatory requirements, and streamline IAM operations—specifically for IAM assurance capabilities, control monitoring, and evidence automation.
• Stakeholder Engagement: Build and nurture strong relationships across Security Operations, Technology Teams, Governance, Operational Risk, and Internal Audit, ensuring program alignment, audit readiness, and the ability to clearly demonstrate IAM control effectiveness to stakeholders and regulators.
• Risk and Progress Management: Identify, assess, and mitigate technical and organizational risks while regularly reporting blockers, corrective actions, and program milestones to executive leadership; ensure timely remediation of control gaps and recurring defects.
• Solution Design & Automation: Lead and contribute to designing technical solutions for complex automation use cases, driving operational efficiency and scalability—especially automation to detect, track, and remediate IAM control defects.
• Program Integrity: Ensure standards, policies, and procedures are accurately documented and officially maintained for audit and compliance requirements; recommend updates to IAM standards based on security threats, regulatory expectations, and industry trends.
• Performance Tracking: Define, implement, and monitor Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) to measure program maturity and overall effectiveness, including assurance coverage, control pass rates, remediation SLAs, defect recurrence, and reporting timeliness/accuracy.
• Assurance Operations Leadership: Lead assurance activities to track, validate, and remediate key logical access and authentication controls across centralized IAM services (e.g., Active Directory, Oracle LDAP, Beyond Identity) and decentralized implementations as applicable.
• Assurance Reporting Platform Ownership: Manage and evolve the IAM assurance reporting platform(s) used to monitor adherence to Synchrony standards, control design, and operational effectiveness; ensure reporting is accurate, resilient, and audit-ready.
• Agile Partnership with Product Owners: Partner with IAM product owners and delivery teams using Agile methodologies to prioritize and implement control improvements, balancing risk reduction with service stability and customer impact.
• Control Evidence & Audit Support: Ensure the organization can efficiently produce high-quality evidence for SOX, PCI, and other examinations; proactively address audit issues with root-cause correction and sustainable control improvements.
• Documentation & Enablement: Oversee creation, maintenance, and review of operational process documentation and end-user/training materials needed to support consistent execution of IAM assurance activities.
• Problem Resolution: Independently resolve technical challenges while escalating issues with clarity when necessary.
• Perform other critical duties or special projects as assigned.

Qualifications/Requirements:

• BS/BA in Computer Science, Information Technology, Cybersecurity, Business Management, or equivalent, plus 10+ years IT experience, OR in lieu of a degree with 12+ years IT experience demonstrating progressive responsibility.
• Minimum 5 years of experience leading multiple IAM service products (e.g., authentication, privileged access, identity governance) and driving outcomes across both centralized and distributed service models.
• Minimum 5 years of experience developing and improving IAM service processes and reporting on IAM service key controls (design and operating effectiveness).
• Minimum 3 years leading operations or assurance teams, including continuous monitoring, issue management, and control remediation.
• At least 2 years working with Agile methodologies in roles such as Product Owner, Scrum Master, or Technical Lead.
• Minimum 2 years of people management experience, leading teams of 2+ engineers or contractors.

Technical Expertise:

• Strong understanding of IAM directory services, such as Active Directory, LDAP, Oracle LDAP, or similar.
• Experience with assurance reporting, control monitoring dashboards, and/or metrics platforms used to track compliance and remediation status.
• Hands-on experience with Security Control Design and Security Assurance Operations, including defining controls, validating operating effectiveness, and driving remediation.
• Hands-on experience with Unix/Linux Server Access Administration and access security.
• Experience supporting or integrating IAM platforms and processes such as ServiceNow, SailPoint IdentityIQ, privileged access tooling (e.g., Bomgar/BeyondTrust), and authentication technologies (e.g., RSA Authentication Manager or equivalents).

Skills:

• Exceptional written and verbal communication skills for effective cross-team collaboration and executive reporting, including the ability to translate technical risk into business impact.
• Strategic thinker able to develop and articulate long-term program visions and actionable roadmaps.
• Strong organizational and prioritization skills, capable of managing multiple concurrent projects in complex environments.
• Proactive problem solver with the ability to navigate ambiguity and escalate appropriately.
• Strong analytical and clear-thinking skills; ability to interpret control results, identify root causes, and drive durable corrective actions.
• Customer-oriented mindset and ability to reduce friction for product teams while improving assurance outcomes.

Desired Characteristics:

• Proven experience leading large-scale IAM initiatives, including program design, execution, and cross-functional collaboration in complex technical environments.
• Exceptional communication and organizational skills, with a track record of creating and executing long-term strategic roadmaps.
• Strong ability to manage risk and complexity, navigate roadblocks, and drive corrective actions effectively.
• Demonstrated ability to lead, mentor, and manage teams while building partnerships across business units and fostering alignment to organizational goals.
• Strong commitment to providing outstanding customer experiences; ability to balance control compliance with minimal operational disruption.
• Self-starter with a strong sense of urgency and flexibility to change directions quickly while maintaining delivery discipline.
• Experience with the process of creating, maintaining and reviewing operations process & end user training documentation.
• Working knowledge of ServiceNow, SailPoint IdentityIQ, Active Directory, Bomgar/BeyondTrust privileged access, Unix LDAP, and RSA Authentication Manager (or comparable tools).
• Experience working in highly regulated industries (Finance, Healthcare, Government), particularly enterprise-level security in a financial institution.
• Familiarity with compliance standards such as SOX, PCI, FFIEC, GDPR, HIPAA, or NIST cybersecurity frameworks, including NIST 800-63 and logical access control expectations.
• Certifications such as CISSP, CISM, PMP, or relevant IAM-focused certifications.

Eligibility Criteria:

BS/BA in Computer Science, Information Technology, Cybersecurity, Business Management, or equivalent, plus 10+ years IT experience, OR in lieu of a degree with 12+ years IT experience demonstrating progressive responsibility.

Work Timings: 9AM - 5PM EST

Role requires collaboration during India and US business hour overlap windows to support leadership and stakeholder discussions.

For Internal Applicants:

• Understand the criteria or mandatory skills required for the role, before applying
• Inform your manager and HRM before applying for any role on Workday
• Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format)
• Must not be any corrective action plan (First Formal/Final Formal, LPP)
• L11+ Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible.
• L11+ Employees can apply

Grade/Level: 13

Job Family Group: