Identity Security Manager (GOV) - Tempus

PNC

1d•$80,000 - $224,250•Remote

About The Position

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. As an Identity Security Manager (GOV) within PNC's Tempus Technologies organization, you may be based in a remote location. Tempus Technologies, Inc. is the expert leader of secure payments at the point of interaction. For more than 25 years, innovation and producing high quality custom-ready solutions is at the forefront of everything we do. We’re committed to developing exceptional point-of-sale payment integration technology and software solutions to meet the growing needs of our customers’ business requirements. Our knowledgeable and friendly employees are passionately dedicated to delivering world-class support to every client. We thrive in a transparent culture that understands the value of shared ideas, teamwork, and excellence in everything we do. The Identity Security Manager is responsible for owning, operating, and maturing the organization’s identity, privileged access, and secrets management programs to reduce risk, enforce least privilege, and support secure business operations. This role leads the design, implementation, and day‑to‑day execution of Identity and Access Management (IAM) and Privileged Access Management (PAM) services across workforce, application, and infrastructure environments. The ideal candidate brings strong technical expertise in modern IAM and PAM platforms, deep understanding of access control and identity governance principles, and proven leadership skills to guide teams through complex identity challenges. This role partners closely with Security Operations, Infrastructure, Application Engineering, Compliance, and Audit teams to ensure access is properly governed, monitored, and aligned with regulatory and business requirements. In addition, the Identity Security Manager drives continuous improvement of access lifecycle processes, privileged access controls, automation, and metrics to strengthen the organization’s overall security posture and enable scalable, auditable access management.

Requirements

CCSP, CISSP, GCIA, GCIH, GCFA, CySA+ or equivalent certifications.
Hands‑on experience with SailPoint, CyberArk, and HashiCorp Vault in enterprise environments.
Strong understanding of IAM concepts including identity lifecycle management, RBAC/ABAC, least privilege, and zero trust.
Experience integrating IAM solutions with cloud platforms, SaaS applications, and on‑prem infrastructure.
Familiarity with compliance frameworks such as PCI DSS, SOC 2, HIPAA, and other regulated environments.
Experience supporting audits, access reviews, and regulatory evidence requests.
Strong understanding of authentication, authorization, SSO, MFA, and directory services.
Ability to translate technical IAM concepts into clear guidance for technical and non‑technical stakeholders.
Excellent communication, organizational, and prioritization skills.
Strong analytical and problem‑solving abilities with attention to detail.
Bachelors degree.
Industry experience is typically 8+ years.
At least 5 years of prior management experience is typically required.

Nice To Haves

CyberArk Conjur
Governance Management
Program Management
SailPoint IdentityNow

Responsibilities

Lead day to day IAM operations, ensuring reliable and secure access provisioning, modification, and deprovisioning across the enterprise.
Own workforce and non-human identity lifecycle management, including joiner, mover, and leaver processes.
Serve as the escalation point for access related incidents, outages, or high-risk access scenarios.
Ensure IAM platforms operate with high availability, security, and performance, including on call readiness and operational support models.
Own and mature the Identity Governance and Administration (IGA) program using SailPoint.
Lead access certification campaigns, role modeling, entitlement management, and access reviews.
Drive automation of access requests, approvals, and policy enforcement.
Partner with Compliance and Audit teams to support evidence collection, remediation tracking, and control validation.
Define and maintain identity governance policies aligned to least privilege and segregation of duties principles.
Lead the design, implementation, and operation of PAM capabilities.
Own privileged account onboarding, credential rotation, session management, and access approval workflows.
Ensure strong controls for administrative, service, and emergency access.
Partner with Infrastructure and Engineering teams to onboard platforms, applications, and cloud workloads into PAM.
Develop metrics and reporting for privileged access usage, risk, and compliance.
Own enterprise secrets management strategy and implementation using HashiCorp Vault.
Ensure secure storage, rotation, and access control for application and infrastructure secrets.
Partner with development and platform teams to integrate Vault into CI/CD pipelines and runtime environments.
Drive best practices for non-human identities, dynamic credentials, and short-lived secrets.
Define IAM architecture standards for workforce, application, cloud, and infrastructure access.
Evaluate and implement new IAM technologies, integrations, and automation opportunities.
Maintain IAM documentation including standards, procedures, and reference architectures.
Ensure IAM controls align with organizational risk appetite, audit requirements, and industry best practices.
Produce metrics and reporting related to access risk, policy compliance, and operational performance.
Lead and mentor IAM/PAM engineers and analysts, providing technical guidance and career development.
Execute staffing decisions, onboarding, and performance management for the Identity Security team.
Identify process gaps and technical debt, driving improvements in automation, reliability, and scalability.
Champion strong documentation, operational discipline, and security by design principles.

Benefits

medical/prescription drug coverage (with a Health Savings Account feature)
dental and vision options
employee and spouse/child life insurance
short and long-term disability protection
401(k) with PNC match
pension and stock purchase plans
dependent care reimbursement account
back-up child/elder care
adoption, surrogacy, and doula reimbursement
educational assistance, including select programs fully paid
a robust wellness program with financial incentives
maternity and/or parental leave
up to 11 paid holidays each year
9 occasional absence days each year, unless otherwise required by law
between 15 to 25 vacation days each year, depending on career level; and years of service