Senior Information Security Engineer - IAM

SUMMARY

The Senior Identity and Access Management (IAM) Lead will spearhead the strategic design, implementation, and governance of IAM frameworks to protect critical banking systems, customer data, and financial applications. This senior-level role requires a visionary leader to oversee enterprise-wide IAM strategies, including user access controls, authentication mechanisms, identity governance, and domain architecture, while ensuring strict adherence to banking regulations, security policies, and industry best practices. The ideal candidate will bring extensive technical expertise in IAM technologies, a proven track record in the financial services sector, and exceptional leadership skills to drive collaboration across business units, IT teams, and executive stakeholders.

MAJOR DUTIES AND RESPONSIBILITIES (ESSENTIAL FUNCTIONS)

• Strategic Architecture and Leadership: Lead the design, deployment, and evolution of IAM solutions, including identity governance, single sign-on (SSO), multi-factor authentication (MFA), and privileged access management (PAM), tailored to the banking environment.
• Enterprise Access Governance: Direct the end-to-end management of user identities and access rights across hybrid environments (on-premises, cloud, and third-party systems), overseeing joiner, mover, leaver processes with a focus on risk mitigation and operational efficiency.
• System Integration and Innovation: Drive the integration of IAM systems with core banking platforms, financial applications, and external services (e.g., Active Directory, LDAP, Azure AD, Okta, Jack Henry), ensuring seamless and secure interoperability.
• Policy and Standards Development: Partner with Risk Management, Compliance, and Enterprise Security teams to establish and enforce IAM policies, roles, and controls aligned with banking regulations (e.g., FFIEC, GLBA, GDPR, CCPA).
• Performance and Risk Oversight: Monitor and optimize IAM systems for performance, security posture, and compliance; proactively identify vulnerabilities and implement enhancements to safeguard against emerging threats.
• Incident Management and Resolution: Lead investigations and responses to high-impact IAM-related security incidents, such as unauthorized access or privilege escalation, coordinating with incident response teams and senior leadership.
• Automation and Process Efficiency: Champion the use of automation tools and scripting (e.g., Python, PowerShell, Terraform) to streamline IAM workflows, including provisioning, access reviews, and audit preparation.
• Team Leadership and Mentorship: Provide strategic direction and mentorship to IAM engineers, fostering a culture of technical excellence and collaboration across IT and business functions.
• Documentation and Reporting: Oversee the creation and maintenance of comprehensive IAM documentation, including architecture designs, process workflows, and compliance reports for executive and regulatory audiences.
• Regulatory Compliance and Audits: Ensure IAM practices align with banking standards and regulatory requirements (e.g., SOX, PCI DSS, FFIEC); lead audit preparations and represent IAM in regulatory reviews.

Additional Duties and Responsibilities

• Adherence to all First United Policies and Procedures.
• Performs other related duties as required and assigned.
• Complete all required compliance exams on an annual basis

EMPLOYEE SPECIFICATIONS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Required Education and Work Experience

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
• Highly technical and analytical expertise, with a proven deep background. 5+ years of experience in Identity and Access Management, with at least 2 years in a senior or lead role.

• Preferred Certifications: CISSP, CISM, CIAM, or vendor-specific certifications (e.g., Okta Certified Professional, SailPoint IdentityIQ Engineer etc).

Knowledge and/or hands on experience in some of the following areas:

• Expertise in enterprise IAM platforms (e.g., SailPoint, Saviynt, Okta, BeyondTrust, Delinea) and their application in banking environments.
• Advanced understanding of authentication protocols (e.g., SAML, OAuth, OpenID Connect, Kerberos) and their integration with financial systems.
• Deep experience with directory services (e.g., Active Directory, LDAP, Entra ID, Okta Universal Directory) and their role in securing banking infrastructure.
• Proficiency with cloud platforms (e.g., AWS, Azure, Google Cloud) and their IAM frameworks, with a focus on hybrid deployments.
• Strong scripting and programming skills (e.g., Python, PowerShell, Java) to automate IAM processes and enhance operational resilience.
• Comprehensive knowledge of banking security controls (e.g., SIEM, PKI, IDAM, firewalls) and modern solutions (e.g., EDR, threat intelligence, deception technologies) as they relate to identity architecture.
• Proven experience implementing cloud-based security policies and operational practices in regulated financial environments.
• Mastery of regulatory frameworks and standards, including FFIEC, ISO 27001, NIST 800-53, PCI DSS, SOX, and SOC 2.
• Extensive experience with security audits, log analysis, and risk assessments.
• Exceptional communication skills, with the ability to present complex technical concepts to auditors and regulators.
• Strategic and tactical problem-solving skills, with a demonstrated ability to make high-stakes decisions in a fast-paced environment.

NOTE: This job description is not intended to be all-inclusive. Employee may perform other related duties as assigned by supervisor to meet the ongoing needs of the organization.

#LI-MD3

If any applicant is unable to complete an application or respond to a job opening because of a disability, please email us at HR@firstunitedbank.com for assistance.