Description:
The Senior Manager of Identity and Access Management, Application, and Product Security will report directly to the CISO and is responsible for defining and leading the enterprise strategy that protects corporate systems, digital products, and connected devices from unauthorized access, data loss, and compromise. This role drives a unified approach across IAM, secure software development, and product security — ensuring that the company’s digital ecosystem, cloud applications, and IoT platforms are built and operated with security by design. This role partners closely with Engineering, IT, and Business teams to embed robust security controls, build developer-friendly security practices, and enforce identity governance aligned with business risk appetite and compliance requirements.
Essential Duties And Responsibilities
- Own the enterprise Identity and Access Management (IAM) roadmap covering workforce and customer identity, access governance, privileged access, and federation services
- Lead the implementation and lifecycle management of IAM platforms (e.g., Okta, Azure AD, CyberArk, Ping, SailPoint).
- Partner with HR, IT, and infrastructure teams to automate identity lifecycle and onboarding/offboarding workflows.
- Integrate IAM capabilities with cloud and DevOps environments for seamless CI/CD pipeline access control.
- Define standards, code review practices, and tooling for static, dynamic, and dependency analysis
- Collaborate with software and firmware teams to design secure architectures for web, mobile, and embedded (IoT) products
- Champion “security by design” in product and feature development, including privacy and data-protection by default
- Oversee application security assessments, bug bounty program integrations, and third-party security reviews.
- Partner with product managers, developers, and IT to integrate security objectives into business and technology roadmaps.
- Act as a senior security advisor in architecture reviews, technology selection, and M&A technical due diligence
- Represent Security in governance forums and external assessments (Audits, SOC 2, ISO 27001, or customer security reviews).
- Comply with health and safety guidelines and rules; managers should also ensure compliance across their teams.
- Protect Chamberlain Group’s reputation by keeping information confidential.
- Maintain professional and technical knowledge by attending educational workshops, reading professional publications, establishing personal networks, and participating in professional societies.
- Contribute to the team effort by accomplishing related results and participating on projects as needed.
Supervision Exercised
- Motivate and lead a high performance team by attracting, developing, engaging and retaining team members
- Drive the performance management and compensation processes by communicating job expectations, monitoring and evaluating performance, providing feedback and facilitating employee development per the company’s policies
- Maintain transparent communication by appropriately communicating organization information to team through department meetings, one-on-one meetings, appropriate email, IM and regular interpersonal communications
- Lead and motivate individuals and teams to create a workplace culture that is consistent with the CG mission, vision and values.
Minimum Qualifications
Education/Certifications:
- Bachelor’s degree in business, technology or related field from an accredited college is required. Master’s degree is a plus.
- CISSP, CCSP, CSSLP, CISA, or comparable credentials in IAM or AppSec.
Experience:
- 10 plus years of experience in IT or cyber security.
- Prior experience in deploying and managing IAM and PAM technologies.
- At least 5 years of experience managing a cyber security team in a large global organization