Bank of America
Identity and Access Management (IAM) Senior Consultant
Bank of America, Washington, District of Columbia, us, 20022
Identity and Access Management (IAM) Senior Consultant
Join to apply for the
Identity and Access Management (IAM) Senior Consultant
role at
Bank of America . At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and a level of flexibility based on role‑specific considerations. This role is highly visible and requires frequent interaction with senior management and key stakeholders. LOB Summary
Global Information Security (GIS) protects bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities, and operates a global security operations center that monitors, detects, and responds to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) ensures appropriate access across heterogeneous technology environments and meeting compliance requirements. What to Expect in Identity & Access Management
The Senior IAM Information Security Controls Lead will analyze, strengthen, and secure the company’s IAM systems and overall risk posture for end user, application, and privileged access management. The individual will be a leader in the IAM innovation space, working with senior leaders to implement new technologies and frameworks. Responsibilities
Define and steer IAM standards, including designing enterprise‑appropriate adherence models, governance, controls and effectiveness management. Drive application/platform IAM modernization approach and program for information & data synchronization/management, moving from legacy manual to modernized identity automation solutions such as connector frameworks. Collaborate with partner cybersecurity, engineering, and compliance teams to develop and align controls with industry standards, mitigate known threat vectors, adopt best practice principles and meet regulatory requirements. Drive optimization and adoption of innovative and transformational strategies, including tooling integrations with enterprise platforms such as Active Directory, Mainframe and Public Cloud. Drive requirements, modernization and derisk efforts for processes, controls, systems and platforms, reducing technical debt, improving identity hygiene and supporting continual risk reduction. Interact with examiners and partners within control oversight organizations such as Audit, Compliance, Operational Risk, Regulators, and independent assessment organizations to represent IAM. Manage, liaise with and oversee currency of documentation, governance routines, and QA processes to capture, drive and improve alignment with standards and controls. Drive access management product and systems requirements for solutions, platforms and application‑level integrations. Influence technology decisions and vendor strategies to support IAM objectives. Required Qualifications
10+ years of bank and finance industry hands‑on experience in Identity Governance & Administration (IGA) or Identity and Access Management (IAM), managing identity lifecycle and enterprise‑scale modernization initiatives. High proficiency and working knowledge of Active Directory, Entra ID (Azure AD), and federated authentication protocols (SAML, OIDC, OAuth2). Proven experience with IAM functionality and tools for Azure, AWS, and Google Cloud and with platforms such as PingIDM, SailPoint, Saviynt, IdentityIQ (IIQ), ForgeRock, Okta, or Oracle IDCS. Expertise in connector frameworks (e.g., OpenICF), identity workflows, role management, and policy development. Familiarity with common Information Security and data protection frameworks and standards (e.g., CIS, NIST, MITRE, ITIL, COBIT, HIPAA, GDPR, PCI DSS, ISO 270001). Familiarity with Zero Trust architecture, FIDO2, and passwordless authentication concepts. Proficiency in data analytics and reporting tools (SQL, Tableau, PowerBI) for compliance and risk metrics. Highly organized and motivated self‑starter who can deliver results with minimal direction, owning and delivering on complex initiatives in a high‑paced, evolving environment. Excellent problem‑solving, documentation, and communication skills with the ability to work effectively across cross‑functional teams. Excellent verbal and written communication skills, ability to communicate with business leaders, users, and tech‑savvy stakeholders and influence outcomes. Shift
1st shift (United States of America) Hours Per Week
40
#J-18808-Ljbffr
Join to apply for the
Identity and Access Management (IAM) Senior Consultant
role at
Bank of America . At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and a level of flexibility based on role‑specific considerations. This role is highly visible and requires frequent interaction with senior management and key stakeholders. LOB Summary
Global Information Security (GIS) protects bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities, and operates a global security operations center that monitors, detects, and responds to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) ensures appropriate access across heterogeneous technology environments and meeting compliance requirements. What to Expect in Identity & Access Management
The Senior IAM Information Security Controls Lead will analyze, strengthen, and secure the company’s IAM systems and overall risk posture for end user, application, and privileged access management. The individual will be a leader in the IAM innovation space, working with senior leaders to implement new technologies and frameworks. Responsibilities
Define and steer IAM standards, including designing enterprise‑appropriate adherence models, governance, controls and effectiveness management. Drive application/platform IAM modernization approach and program for information & data synchronization/management, moving from legacy manual to modernized identity automation solutions such as connector frameworks. Collaborate with partner cybersecurity, engineering, and compliance teams to develop and align controls with industry standards, mitigate known threat vectors, adopt best practice principles and meet regulatory requirements. Drive optimization and adoption of innovative and transformational strategies, including tooling integrations with enterprise platforms such as Active Directory, Mainframe and Public Cloud. Drive requirements, modernization and derisk efforts for processes, controls, systems and platforms, reducing technical debt, improving identity hygiene and supporting continual risk reduction. Interact with examiners and partners within control oversight organizations such as Audit, Compliance, Operational Risk, Regulators, and independent assessment organizations to represent IAM. Manage, liaise with and oversee currency of documentation, governance routines, and QA processes to capture, drive and improve alignment with standards and controls. Drive access management product and systems requirements for solutions, platforms and application‑level integrations. Influence technology decisions and vendor strategies to support IAM objectives. Required Qualifications
10+ years of bank and finance industry hands‑on experience in Identity Governance & Administration (IGA) or Identity and Access Management (IAM), managing identity lifecycle and enterprise‑scale modernization initiatives. High proficiency and working knowledge of Active Directory, Entra ID (Azure AD), and federated authentication protocols (SAML, OIDC, OAuth2). Proven experience with IAM functionality and tools for Azure, AWS, and Google Cloud and with platforms such as PingIDM, SailPoint, Saviynt, IdentityIQ (IIQ), ForgeRock, Okta, or Oracle IDCS. Expertise in connector frameworks (e.g., OpenICF), identity workflows, role management, and policy development. Familiarity with common Information Security and data protection frameworks and standards (e.g., CIS, NIST, MITRE, ITIL, COBIT, HIPAA, GDPR, PCI DSS, ISO 270001). Familiarity with Zero Trust architecture, FIDO2, and passwordless authentication concepts. Proficiency in data analytics and reporting tools (SQL, Tableau, PowerBI) for compliance and risk metrics. Highly organized and motivated self‑starter who can deliver results with minimal direction, owning and delivering on complex initiatives in a high‑paced, evolving environment. Excellent problem‑solving, documentation, and communication skills with the ability to work effectively across cross‑functional teams. Excellent verbal and written communication skills, ability to communicate with business leaders, users, and tech‑savvy stakeholders and influence outcomes. Shift
1st shift (United States of America) Hours Per Week
40
#J-18808-Ljbffr