LPL Financial
VP, Identity Governance & Administration and Privileged Access Management
LPL Financial, San Diego, California, United States, 92189
VP, Identity Governance & Administration and Privileged Access Management
The Vice President of Identity Governance & Administration (IGA) and Privileged Access Management (PAM) will lead the enterprise-wide strategy, governance, and execution of identity and access security initiatives. This role combines strategic vision, executive leadership, and technical expertise in SailPoint IIQ, CyberArk, and Conjur to protect critical systems, support regulatory compliance, and enable secure business growth. The VP will partner with senior executives, business leaders, auditors, and regulators while leading a high-performing IAM organization.
Responsibilities
Strategic Leadership
Define and execute the enterprise IAM vision and roadmap with a focus on IGA and PAM maturity.
Champion the adoption of Zero Trust principles and modern identity-first security practices.
Program & Technical Management
Lead design, deployment, and operations of SailPoint IdentityIQ (IIQ) for identity lifecycle management, RBAC, certifications, and compliance reporting.
Oversee CyberArk PAM Suite for credential vaulting, session monitoring, privilege elevation, and automated rotation.
Drive adoption of CyberArk Conjur for secrets management, DevOps and CI/CD integration, and secure application-to-application credential handling.
Establish integration strategies between IGA, PAM, cloud identity providers (Azure AD, ForgeRock, AWS IAM), and enterprise systems.
Enable automation of provisioning, de-provisioning, and access workflows to reduce risk and improve efficiency.
Risk & Compliance
Ensure IAM policies, controls, and reporting align with SOX, PCI-DSS, HIPAA, GDPR, NIST, ISO 27001, and other regulatory standards.
Lead periodic access reviews, privileged account audits, and risk assessments.
Act as executive liaison with internal and external auditors.
Collaboration & Stakeholder Management
Partner with CIO, CISO, business executives, and compliance leaders to align IAM with enterprise priorities.
Provide IAM strategy input into cloud adoption, M&A integrations, and digital transformation initiatives.
Communicate complex IAM risks and opportunities to senior stakeholders and the board in business terms.
Team Leadership
Build, lead, and mentor a team of AVPs, Sr. Engineers, and subject matter experts across IGA and PAM domains.
Foster a culture of accountability, innovation, and continuous improvement.
Ensure ongoing training and certification in SailPoint, CyberArk, and related IAM technologies.
What are we looking for? We’re looking for strong collaborators who deliver exceptional client experiences and thrive in fast-paced, team-oriented environments. Our ideal candidates pursue greatness, act with integrity, and are driven to help our clients succeed. We value those who embrace creativity, continuous improvement, and contribute to a culture where we win together and create and share joy in our work.
Required
Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred).
15+ years of IT security experience
10+ years in Identity & Access Management, including at least 5 years in a senior leadership role.
Proven success in designing and operating enterprise-scale IGA and PAM programs.
Deep hands-on technical expertise in:
SailPoint IIQ: Role modeling, workflows, connector development, certifications, lifecycle management.
CyberArk PAM Suite: Vault architecture, privileged session management, API/SDK integration, credential rotation.
CyberArk Conjur: Secrets management for DevOps pipelines, Kubernetes and container integrations, policy-as-code deployment.
Core Competencies
Strong knowledge of hybrid identity (Azure AD, ForgeRock, AWS IAM).
Familiarity with compliance frameworks: SOX, GLBA, PCI-DSS, HIPAA, GDPR, NIST, ISO 27001.
Exceptional leadership, communication, and business stakeholder management skills.
Preferred
Experience with large-scale IAM transformation programs in regulated industries (financial services, healthcare, etc.).
Knowledge of Zero Trust and identity-centric security architectures.
Familiarity with automation and orchestration tools (Ansible, Terraform, Jenkins, CI/CD).
Relevant certifications: CISSP, CISM, SailPoint IdentityIQ Engineer, CyberArk Defender/Sentry, Conjur Contributor.
Pay Range $143,100-$238,500/year
Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location. Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play – such as 401K matching, health benefits, employee stock options, paid time off, volunteer time off, and more.
Company Overview LPL Financial Holdings Inc. (Nasdaq: LPLA) is among the fastest growing wealth management firms in the U.S. LPL supports over 29,000 financial advisors and the wealth-management practices of 1,100 financial institutions, servicing and custodying approximately $1.9 trillion in brokerage and advisory assets for about 7 million Americans. The firm provides a wide range of services and technology to help advisors run thriving businesses.
Apply Information Join LPL Financial: Where Your Potential Meets Opportunity. To apply, please log in or create an account. Principals only. EOE. Information on Interviews: LPL will only communicate from an @lplfinancial.com email address and will not conduct interviews online or in chat rooms. For questions, contact LPL’s Human Resources Solutions Center at (855) 575-6947.
#J-18808-Ljbffr
Responsibilities
Strategic Leadership
Define and execute the enterprise IAM vision and roadmap with a focus on IGA and PAM maturity.
Champion the adoption of Zero Trust principles and modern identity-first security practices.
Program & Technical Management
Lead design, deployment, and operations of SailPoint IdentityIQ (IIQ) for identity lifecycle management, RBAC, certifications, and compliance reporting.
Oversee CyberArk PAM Suite for credential vaulting, session monitoring, privilege elevation, and automated rotation.
Drive adoption of CyberArk Conjur for secrets management, DevOps and CI/CD integration, and secure application-to-application credential handling.
Establish integration strategies between IGA, PAM, cloud identity providers (Azure AD, ForgeRock, AWS IAM), and enterprise systems.
Enable automation of provisioning, de-provisioning, and access workflows to reduce risk and improve efficiency.
Risk & Compliance
Ensure IAM policies, controls, and reporting align with SOX, PCI-DSS, HIPAA, GDPR, NIST, ISO 27001, and other regulatory standards.
Lead periodic access reviews, privileged account audits, and risk assessments.
Act as executive liaison with internal and external auditors.
Collaboration & Stakeholder Management
Partner with CIO, CISO, business executives, and compliance leaders to align IAM with enterprise priorities.
Provide IAM strategy input into cloud adoption, M&A integrations, and digital transformation initiatives.
Communicate complex IAM risks and opportunities to senior stakeholders and the board in business terms.
Team Leadership
Build, lead, and mentor a team of AVPs, Sr. Engineers, and subject matter experts across IGA and PAM domains.
Foster a culture of accountability, innovation, and continuous improvement.
Ensure ongoing training and certification in SailPoint, CyberArk, and related IAM technologies.
What are we looking for? We’re looking for strong collaborators who deliver exceptional client experiences and thrive in fast-paced, team-oriented environments. Our ideal candidates pursue greatness, act with integrity, and are driven to help our clients succeed. We value those who embrace creativity, continuous improvement, and contribute to a culture where we win together and create and share joy in our work.
Required
Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred).
15+ years of IT security experience
10+ years in Identity & Access Management, including at least 5 years in a senior leadership role.
Proven success in designing and operating enterprise-scale IGA and PAM programs.
Deep hands-on technical expertise in:
SailPoint IIQ: Role modeling, workflows, connector development, certifications, lifecycle management.
CyberArk PAM Suite: Vault architecture, privileged session management, API/SDK integration, credential rotation.
CyberArk Conjur: Secrets management for DevOps pipelines, Kubernetes and container integrations, policy-as-code deployment.
Core Competencies
Strong knowledge of hybrid identity (Azure AD, ForgeRock, AWS IAM).
Familiarity with compliance frameworks: SOX, GLBA, PCI-DSS, HIPAA, GDPR, NIST, ISO 27001.
Exceptional leadership, communication, and business stakeholder management skills.
Preferred
Experience with large-scale IAM transformation programs in regulated industries (financial services, healthcare, etc.).
Knowledge of Zero Trust and identity-centric security architectures.
Familiarity with automation and orchestration tools (Ansible, Terraform, Jenkins, CI/CD).
Relevant certifications: CISSP, CISM, SailPoint IdentityIQ Engineer, CyberArk Defender/Sentry, Conjur Contributor.
Pay Range $143,100-$238,500/year
Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location. Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play – such as 401K matching, health benefits, employee stock options, paid time off, volunteer time off, and more.
Company Overview LPL Financial Holdings Inc. (Nasdaq: LPLA) is among the fastest growing wealth management firms in the U.S. LPL supports over 29,000 financial advisors and the wealth-management practices of 1,100 financial institutions, servicing and custodying approximately $1.9 trillion in brokerage and advisory assets for about 7 million Americans. The firm provides a wide range of services and technology to help advisors run thriving businesses.
Apply Information Join LPL Financial: Where Your Potential Meets Opportunity. To apply, please log in or create an account. Principals only. EOE. Information on Interviews: LPL will only communicate from an @lplfinancial.com email address and will not conduct interviews online or in chat rooms. For questions, contact LPL’s Human Resources Solutions Center at (855) 575-6947.
#J-18808-Ljbffr