Common Securitization Solutions

Welcome page

Director of Identity and Access Management

Job Locations US-Remote
Job ID
2024-2282
# of Openings
1
Category
Information Security/Cyber Risk
Type
Regular Full-Time

OVERVIEW

 

The Company

 

Common Securitization Solutions (CSS) is seeking an experienced Director of Identity and Access Management to join our team of talented professionals. This is a full-time remote opportunity. 

 

CSS built and operates the largest and most advanced mortgage securitization platform in the world, supporting the Uniform Mortgage-Backed Security (UMBS) of Fannie Mae and Freddie Mac.

 

Supporting 70% of the mortgage-backed securities in the market, CSS provides best-in-class single-family issuance, bond administration, disclosure, and tax services. We support a broad portfolio of products for our clients with full lifecycle management.

 

Our market-leading, cloud-based, end-to-end platform executes transactions on an extraordinary scale which has bolstered liquidity in the secondary mortgage market, one of the largest and most important financial markets in the world. Our unique approach to securitization combines the best minds in financial services with the know-how, flexibility, and innovation of leading technologists.

RESPONSIBILITIES

 

Job Information

Key responsibilities will include developing, implementing, operating and maintaining CSS’s IAM policies, processes and technologies. The Director will lead a talented team of IAM analysts and engineers supporting the IAM program. The Director of IAM will own all requirements for identity and access management operations in CSS and will align controls to NIST 800-53 Rev. 5. The Director will partner with technology and business operations teams and other stakeholders, understand the business cases for access management, document standard operating procedures and support all audit and third-party assessment of the IAM controls.

 

The position provides an opportunity to be a part of a thriving, can-do start-up culture using the latest in technology and tools to build and secure a cloud native, advanced financial services processing platform.

 

Key Job Functions

 

  • Develop and communicate a comprehensive IAM strategy aligned with the organization's business goals and compliance requirements.
  • Establish and enforce IAM policies, procedures, and standards to mitigate security risks and ensure compliance with industry regulations.
  • Continuously assess and update IAM policies in response to evolving threats and changes in the business landscape.
  • Adopt a data-driven approach supported by automation using cutting-edge technologies and solutions to meet the organization's security and access control requirements.
  • Integrate IAM solutions seamlessly with existing systems and applications, ensuring minimal disruption to business operations.
  • Support integration of IAM services with ServiceNow by identifying areas of need or improvements, providing requirements, and performing user acceptance, with the goal being to maximize automation.
  • Collaborate with InfoSec Architecture, Engineering and Infrastructure teams to provide requirements for new identity management tools for automated provisioning and recertification
  • Conduct regular risk assessments related to identity and access management, identifying potential vulnerabilities and implementing mitigation strategies.
  • Continuously monitor all Critical Security Controls for IAM, identify, report, plan and remediate control failures and/or issues identified
  • Gather evidence of controls operations and report to control assessors and audit teams and ensure successful SOC2 and NIST control assessment reports for IAM.
  • Participate in Cyber Security Incident Response Processes, incident investigations and tabletop simulations to represent IAM.

QUALIFICATIONS

 

Education   

  • Bachelor's of Science degree or equivalent experience in an IT related field required.

 

Minimum Experience  

 

  • Minimum of 10 years hands on experience in Identity and Access Management domain
  • Demonstrated experience operating IAM controls in a financial services organization or other regulated and highly controlled environment.
  • People leadership and team management experience is a must.
  • Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future. CSS does not offer H-1B sponsorship for this position.

 

Specialized Knowledge & Skills     

  

  • Possess a deep understanding of Identity Life Cycle Processes, Access Certification, and Identity Governance concepts.
  • Proven, hands-on experience with AWS IAM, Azure Entra ID, Microsoft Active Directory, Azure Federation Services, SailPoint Identity, SailPoint AI, OKTA, Oracle, MS SQL and other leading Identity and Access Management products.
  • Proven experience with Privilege Access Management technologies such as Thycotic Secret Server (Delinea) is a strong plus. Experience with other PAM technologies is preferred.
  • Understanding of SOX, SOC2, SOC1 related identity management information security controls and their operation.
  • Strong understanding of Zero Trust Architecture and tenets including but not limited to Least Privilege, Segregation of Duties etc.
  • Strong analytics skills and proven ability to drive process efficiencies and control enhancements using data is a MUST.
  • Ability to document and explain risks and vulnerabilities to both business and technical stakeholders.
  • Understanding of emerging technologies such as GenAI and knowledge of practical implementation of such technologies in the context of IAM is preferred.
  • Experience managing people, mentoring & guiding members of the team to be successful. 
  • Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives.
  • Ability to manage multiple priorities – projects, deliverables, and stakeholders.
  • Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives.
  • Active in the security industry; equipped with external networking relationships to maintain relevant knowledge of best practices, tactics, strategies and technologies.

Pay Range $208,500 to $235,750

CSS’s pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) a candidate’s qualifications, skills, competencies, and experience, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.  CSS offers a competitive total compensation package, which includes a performance bonus, 401k match, healthcare coverage, PTO, and a broad range of other benefits.

 

Employment

As a condition of employment with Common Securitization Solutions, any successful job applicant will be required to  successfully complete a background investigation, which may also include a credit check for positions in some areas of our business.   

     

Common Securitization Solutions is an Equal Opportunity Employer.

 

##LI-Remote

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Need help finding the right job?

We can recommend jobs specifically for you! Click here to get started.