Director, Identity and Access Management

GreatAmerica Financial Services•Cedar Rapids, IA

21h•Hybrid

About The Position

GreatAmerica Financial Services is a highly successful entrepreneurial company providing equipment financing to businesses across the United States. Our exemplary customer service, our principle-centered business philosophy and our team-based operating approach are key to our success and growth. We Are Looking to Add a Key Member to Our Enterprise Security Team! The Director, Identity and Access Management (IAM) is responsible for designing, implementing, and operating GreatAmerica’s enterprise IAM program to ensure secure, appropriate, and auditable access to systems, applications, and data across the organization. This role is critical to protecting confidential information, supporting regulatory compliance, and enabling business operations through effective access governance. The Director IAM will partner closely with Technology, Security, Risk Management, Internal Audit, Compliance, and business stakeholders. This role will report to the Chief Information Security Officer and manage a team of Information Security Engineers. As a Director, Identity and Access Management (IAM), you will:

Requirements

Bachelor’s degree in information systems, Cybersecurity, or a related field (or equivalent experience).
7+ years of experience in Identity and Access Management, Information Security, or IT Risk.
3+ years in a leadership or program ownership role.
Strong understanding of banking regulatory expectations (FFIEC, ITGC, ICFR).
Hands-on experience with IAM concepts such as RBAC, MFA, PAM, and access certifications.
Demonstrated ability to apply risk-based thinking to decision-making and control design.
Experience translating complex technical concepts into clear, actionable guidance for non-technical stakeholders.
Proven ability to design and sustain operational controls that are practical, scalable, and auditable.
Strong analytical skills with the ability to identify issues, assess impact, and drive resolution.
Ability to balance security, compliance, and business enablement when evaluating solutions and processes.
Experience working across multiple teams and disciplines to drive consistent outcomes.
Strong organizational skills with the ability to prioritize work and manage competing demands.
Ability to lead initiatives through change, ambiguity, and evolving requirements.
Demonstrated ownership mindset with accountability for outcomes, not just activities.
Strong written and verbal communication skills, including the ability to prepare clear documentation, summaries, and executive-level communications.
Ability to influence and build consensus without direct authority.
Experience developing, mentoring, and guiding individual contributors and/or vendor partners.
High level of integrity, professional judgment, and discretion when handling sensitive information.
Continuous improvement mindset with a willingness to adapt practices as risks, regulations, and business needs evolve.

Nice To Haves

Experience in a regulated financial institution
Familiarity with NIST CSF, COBIT, and SOX controls
Professional certifications (CISSP, CISM, CRISC, or vendor IAM certifications)
Experience responding to regulatory exams and external audits.
Experience leading enterprise Identity Governance through the implementation and administration of a centralized IGA platform such as SailPoint.

Responsibilities

IAM Program Leadership Own and mature the organization’s IAM strategy, roadmap, and operating model aligned to business and regulatory needs.
Establish and enforce IAM policies, standards, procedures, and controls (e.g., access provisioning, least privilege, segregation of duties) in alignment with business and regulatory expectations.
Serve as the subject matter expert for identity governance, authentication, authorization, and privileged access.
Access Governance & Controls Lead role-based access control (RBAC) design and maintenance across core systems and applications.
Ensure timely and accurate user provisioning, modification, and de-provisioning.
Oversee periodic access reviews, certifications, and recertifications for systems in scope for ITGC and ICFR.
Ensure segregation of duties conflicts are identified, documented, mitigated, or remediated.
Audit, Risk & Compliance Support internal audits, regulatory exams, and third-part risk assessments related to identity and access management.
Address IAM-related findings from internal audits, external audits, and regulatory examinations.
Provide evidence and documentation to support ITGC, ICFR, FFIEC, and NIST CSF requirements.
Partner with Risk Management to assess and reduce access-related risks.
Technology & Operations Manage IAM tools and platforms (e.g., IGA, MFA, PAM, directory services).
Collaborate with Infrastructure, Application, and Cloud teams to integrate IAM controls into new and existing systems.
Drive automation where possible to improve accuracy, efficiency, and auditability.
Stakeholder & Team Leadership Lead and develop IAM staff and/or managed service providers.
Communicate IAM risks, metrics, and progress to senior management and governance committees.
Educate business and IT stakeholders on IAM responsibilities and best practices.

Benefits

Competitive Compensation
Monthly Bonuses for Eligible Employees
401(k) and Company Match
Annual Profit Sharing
Paid Time Off
Paid Vacation - starting at 80 hours annually for employees in their first year of service.
Paid Sick Days - Ten (10) per year with a conversion option for unused time.
Ten (10) Paid Holidays per year
Gym Reimbursement
Health Insurance
Dental Insurance
Vision Insurance
Short-Term and Long Term Disability
Company Paid Life Insurance
Flexible Spending Accounts (FSA)
Health Savings Accounts (HSA)
Employee Assistance Program
Parental Leave
Tuition Assistance
Networking Opportunities
Leadership Development Opportunities
Paid Parking
Service Awards
Hybrid work arrangements
Business casual environment
A strong organizational culture focused on our greatest asset: you!