Description
As the Senior IT Security Manager, you are responsible for the tactical direction, execution, and administration of all aspects of services rendered from the Identity and Access Management (IAM) organization. The Senior IT Security Manager is expected to provide strategic direction for their function aligned to the needs of the enterprise and industry best practices.
Scope of the role includes one or more of the following service areas: Identity and Access Management (IAM), Customer Identity and Access Management (CIAM), Provisioning, Identity Lifecycle Management, Data Management, Security Environment Management, Access Governance, Authentication Services, Privileged Access Management (PAM), Security Operations, and Security Program Management.
The Senior IT Security Manager typically has direct management responsibility for staff, including senior engineers, architects, and security professionals, and may manage team managers. This leader is accountable for one or more critical aspects of the overall Information Security program and serves as a key technology leader within the enterprise security organization.
Reporting to the IT Security Director, this role is responsible for establishing, defining, and managing the technology strategy and roadmap related to Identity and Access Management capabilities across the enterprise. This individual will play a critical role in driving collaboration across technology, security, digital, fraud, architecture, risk, and business teams to ensure a unified and scalable identity strategy.
This position serves as the technology execution leader for Customer Identity and Access Management (CIAM), responsible for translating strategic vision into secure, scalable, and resilient technology solutions that support Citizens' digital banking customers and enterprise identity initiatives.
Primary Responsibilities
- Establish and execute the long-term technology strategy and roadmap for Identity and Access Management (IAM) and Customer Identity and Access Management (CIAM) capabilities.
- Lead the design, implementation, and evolution of customer authentication, identity lifecycle management, registration, account recovery, access governance, authorization, and identity proofing capabilities.
- Drive engineering standards, technology governance, integration patterns, and best practices across identity-related platforms and services.
- Partner closely with Product Management, Enterprise Architecture, Cybersecurity, Fraud, Risk, Infrastructure, and Digital teams to ensure alignment between business objectives and technology execution.
- Evaluate emerging technologies, industry trends, and best practices to continuously improve security posture, customer experience, operational efficiency, and platform resiliency.
- Develop scalable, secure, and highly available identity solutions that support enterprise growth and evolving business needs.
- Lead technology delivery efforts supporting authentication modernization initiatives, including passwordless authentication, adaptive authentication, risk-based authentication, multifactor authentication (MFA), and identity federation.
- Establish and maintain technology roadmaps, investment strategies, and capability plans aligned to enterprise objectives.
- Collaborate with peer technology leaders across the organization to ensure effective integration of security principles into product selection, application development, infrastructure design, cloud adoption, and operational management.
- Manage the development, deployment, and execution of security controls and defenses to ensure the confidentiality, integrity, and availability of enterprise systems and customer information.
- Analyze business needs and establish priorities for identity security investments, operational improvements, and technology modernization efforts.
- Establish and implement standards related to authentication, authorization, identity governance, access controls, encryption, and privileged access management.
- Evaluate potential business impacts from security threats and technology risks while providing strategic and tactical guidance to business and technology stakeholders.
- Ensure timely, accurate, and transparent communication with leadership, stakeholders, and business partners regarding roadmap progress, operational metrics, risks, and strategic initiatives.
- Balance operational demands, technology modernization efforts, regulatory requirements, and business priorities in a fast-paced environment.
- Build, mentor, and develop high-performing teams while fostering a culture of accountability, innovation, collaboration, and continuous improvement.
- Select, develop, and evaluate personnel to ensure the efficient operation and future scalability of the organization.
- Foster a customer-focused mindset while maintaining the highest standards of security, regulatory compliance, operational excellence, and service delivery.
Required Qualifications
- Bachelor's Degree in Computer Science, Information Security, Engineering, Information Systems, or a related field, or equivalent work experience.
- 10+ years of experience in Information Security, Identity and Access Management (IAM), Customer Identity and Access Management (CIAM), Cybersecurity, or related technology disciplines.
- 5+ years of leadership experience managing technology teams, security engineering functions, or enterprise security programs.
- Deep understanding of identity and access management concepts, including:
- Authentication
- Authorization
- Federation
- Identity Lifecycle Management
- Access Governance
- Privileged Access Management
- Role-Based Access Control (RBAC)
- Experience designing, implementing, and managing enterprise-scale IAM or CIAM platforms.
- Strong understanding of authentication and federation protocols, including:
- SAML
- OAuth 2.0
- OpenID Connect (OIDC)
- FIDO2
- Passkeys
- Multi-Factor Authentication (MFA)
- Experience partnering with Architecture, Engineering, Product Management, Risk, Compliance, Fraud, Security, and Business stakeholders.
- Proven ability to develop technology strategies, roadmaps, and investment plans.
- Experience leading large-scale technology transformation initiatives and complex security programs.
- Strong understanding of cloud platforms including AWS, Microsoft Azure, and/or Google Cloud Platform.
- Knowledge of security frameworks, regulatory requirements, and risk management practices associated with highly regulated industries.
- Strong analytical, problem-solving, organizational, and decision-making capabilities.
- Exceptional written, verbal, presentation, and executive communication skills.
Preferred Qualifications
- Master's Degree in Cybersecurity, Computer Science, Engineering, Information Systems, Business Administration, or related discipline.
- Experience leading Customer Identity and Access Management (CIAM) programs within the banking, financial services, fintech, or other highly regulated industries.
- Direct experience with one or more identity platforms, including:
- Ping Identity
- ForgeRock
- Okta
- Auth0
- Microsoft Entra ID
- SailPoint
- CyberArk
- Experience modernizing enterprise authentication platforms and implementing passwordless authentication solutions.
- Strong understanding of Zero Trust Architecture principles and modern cybersecurity practices.
- Experience supporting enterprise digital transformation, fraud prevention, customer experience modernization, and identity security initiatives.
- Professional certifications preferred:
- CISSP
- CISM
- CCSP
- Certified Identity and Access Manager (CIAM)
- TOGAF
- AWS Security Certification
- Microsoft Security Certification
Hours & Work Schedule
Hours per Week: 40
Work Schedule: Monday – Friday
Work Arrangement: Hybrid. Candidates should reside within reasonable commuting distance of a Citizens Bank hub location. Remote consideration may be available for exceptionally qualified candidates based on business need.
Pay Transparency
The salary range for this position is $170,000 - $230,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience.
We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens’ paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States. For an overview of our benefits, visit https://jobs.citizensbank.com/benefits .