At Exeter Finance, we are committed to helping customers find the right financing for their next vehicle purchase. By building strong relationships with our customers and network of dealer partners we are able to give options that make sense, getting customers behind the wheel of their car.
Every team member is integral to our success. Whether you’re at a servicing center helping customers with their loans, in the field building relationships with dealers, or supporting the company from its corporate offices, you'll enjoy a nurturing, invigorating and positive work environment.
Our vision is to be a premier finance company and lender of choice known for its People, Performance and Service.
Job Description
This position is hybrid and will be required to be in office two times per month for collaboration working sessions.
Job Summary
The Director of Identity & Access Management is responsible for the execution of implementing sustainable operations that will reduce Exeter’s overall security risk and exposure. The Director must have expertise in IAM, SSO, Federation and MFA technologies and tools. Communicates highly complex ideas, anticipates potential objections, and persuades others, often at senior levels, to adopt defined standards. Leader will ensure operational efficiencies are achieved for IAM practices across the Enterprise and reflected by industry, regulatory compliance alignment (FFIEC, GLBA, PCI, SOX). This role ensures Identity Access Management (IAM) is positioned for ongoing adherence to regulatory controls.
Job Duties
- Oversees the Identity and Access Management Services including Identity Governance, Access Management and/or Privileged Access Management by leading business unit collaboration to effectively deliver Identity and Access Management (IAM) services and activities.
- Conducts and performs the security system needs and assessments using mastery of domain knowledge and extensive business experience. Designs, evaluates, and selects product, process and service improvements for identity and access management based on thorough understanding of business needs and industry trends.
- Lead, implement and maintain sustainable IAM programs, processes, and procedures to ensure continuity of business operations within the security controls while collaborating with cross functional IT teams on delivery. This includes training, mentorship, and performance management.
- Accountable for ongoing monitoring and implementation of regulatory changes that would impact security controls structure in a timely manner. Develop and enhance KPI’s/metrics for operational aspects of Information Security.
- Ensure ongoing monitoring, strategy and implementation to regulatory and industry level changes in requirements.
- Other duties as assigned.
Education and Experience
- Bachelor's Degree in Computer Science or equivalent work experience in absence of degree.
- Eight (8) plus years of job-related experience, with three (3) plus years of management experience.
- A minimum of eight years of experience with IAM, preferably in a corporate environment being accountable for large scale IAM transformation programs.
- Well versed with implementing Identity Access Management (IAM) platforms (Sailpoint, OKTA, Centrify, Ping, Microsoft) and defining associated parameters for user provisioning, SSO, self-service use cases.
- Extensive knowledge and experience in Information Security operational concepts (both technical and organizational requirements).
- Well versed in aligning a financial organization to various regulatory and/or business enabling requirements such as SOX, FFIEC, GLBA, PCI.
- Familiarity with IT Security Risk Management frameworks (NIST CSF, ISO 27000, COBIT).
- Effective communication and influence skills at all levels including staff, executive leadership, end-users, and vendors, both technical and non-technical.
- Skill in organizing resources and establishing priorities for the continually growth and process improvement model. Ability to drive efficient work strategies and establish a strong functional role-based organization.
Job Summary
Responsible for the planning, building, delivery and support of the IAM program. Will provide direction and guidance to the development, specifications, and communications of the IAM application and architecture, as well as provide in-depth technical consultation to the Exeter business units along with IT management and assist in developing plans and direction for the integration of information security requirements.
Job Duties
- Develop and oversee a program encompassing all IAM disciplines including identity governance and administration, (IGA), Access Management, (SSO, MFA), privileged access management and identity verification, (ID Proofing, etc.)
- Integrate the use of technology-based tools or methodologies to review, design and/or implement products and services to provide a strong IAM program that balances access with compliance, confidentiality, and business requirements.
- Own the lifecycle management of IAM technologies and its associated infrastructure along with coordination from dependent technology teams.
- Align IAM processes across the organization and develop and document standards for organizational use—specifically as it relates to customer identity and access.
- Partner with the cybersecurity organization to understand and solve for the broader impact of current decisions related to user access, data access and information security.
- Identify and evaluate complex business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement as it relates to IAM.
- Assist in ensuring compliance with Exeter’s IT policies and procedures, including training, mentorship, and performance management.
- Complete other duties as assigned.
Education and Experience
- Bachelor’s degree in Technology, Business, or equivalent work experience required.
- Eight plus (8+) years’ experience in Identity Access Management, with four (4) years of management experience.
- Experience in Identity management areas inclusive of single sign-on (SSO), multi-factor authentication (MFA), data management, identity federation, enterprise directory architecture and design, and process integration.
- Deep identity and access governance experience including role-based access control, access request and certification, user life cycle management processes and organizational change management.
- Experience with administrating authentication technologies, such as Microsoft Active Directory/Windows authentication, OAuth, SAML, Azure AD, and federated identity management.
- Familiarity with implementing technical architecture that integrates identity management, access management and access governance software into enterprise infrastructure and applications.
- Ability to multi-task under pressure and manage to tight deadlines or unexpected changes in expectations or requirements without sacrificing quality.
- Exceptional verbal and written communication skills.
- Strong analytical skills with an ability to dive deep, summarize, and communicate important data.
- Ability to work between technical and non-technical associates to create mutual understanding of concepts.
Experience in the auto or finance technology industry preferred.
Experience in risk, compliance GRC preferred.
Experience with industry standard IGA (Identity Governance and Administration) tools is preferred.
Exeter Finance LLC is an Equal Opportunity Employer.
Individual compensation packages are based on various factors unique to each candidate including skill set, experience, qualifications and other job-related reasons.
117,500.00 USD-$170,750.00
#J-18808-Ljbffr