Senior Manager - IAM, Application, and Product Security

About The Position

Requirements

• Bachelor’s degree in business, technology or related field from an accredited college is required.
• CISSP, CCSP, CSSLP, CISA, or comparable credentials in IAM or AppSec.
• 10 plus years of experience in IT or cyber security.
• Prior experience in deploying and managing IAM and PAM technologies.
• At least 5 years of experience managing a cyber security team in a large global organization
• Deep understanding of identity standards and protocols (SAML, OIDC, OAuth 2.0, SCIM).
• Strong grasp of secure software engineering, OWASP Top 10, and modern DevSecOps toolchains.
• Familiarity with firmware and IoT security concepts (secure boot, signed firmware, OTA updates, hardware root of trust).
• Expertise in automating security in CI/CD and cloud (AWS, Azure, GCP).
• Strong stakeholder engagement and executive-level presentation skills.
• Build consensus across engineering and product functions.
• Capable of persuading non-security leaders (e.g., IT Ops, Engineering, Product) by linking security initiatives to operational continuity, consumer trust, and compliance posture.
• Required to be in the office at least three days a week. Monday and Wednesday are mandatory.
• Ability to manage and monitor major incidents during non-business hours

Nice To Haves

• Master’s degree is a plus.

Responsibilities

• Own the enterprise Identity and Access Management (IAM) roadmap covering workforce and customer identity, access governance, privileged access, and federation services
• Lead the implementation and lifecycle management of IAM platforms (e.g., Okta, Azure AD, CyberArk, Ping, SailPoint).
• Partner with HR, IT, and infrastructure teams to automate identity lifecycle and onboarding/offboarding workflows.
• Integrate IAM capabilities with cloud and DevOps environments for seamless CI/CD pipeline access control.
• Define standards, code review practices, and tooling for static, dynamic, and dependency analysis
• Collaborate with software and firmware teams to design secure architectures for web, mobile, and embedded (IoT) products
• Champion “security by design” in product and feature development, including privacy and data-protection by default
• Oversee application security assessments, bug bounty program integrations, and third-party security reviews.
• Partner with product managers, developers, and IT to integrate security objectives into business and technology roadmaps.
• Act as a senior security advisor in architecture reviews, technology selection, and M&A technical due diligence
• Represent Security in governance forums and external assessments (Audits, SOC 2, ISO 27001, or customer security reviews).
• Comply with health and safety guidelines and rules; managers should also ensure compliance across their teams.
• Protect Chamberlain Group’s reputation by keeping information confidential.
• Maintain professional and technical knowledge by attending educational workshops, reading professional publications, establishing personal networks, and participating in professional societies.
• Contribute to the team effort by accomplishing related results and participating on projects as needed.
• Motivate and lead a high performance team by attracting, developing, engaging and retaining team members
• Drive the performance management and compensation processes by communicating job expectations, monitoring and evaluating performance, providing feedback and facilitating employee development per the company’s policies
• Maintain transparent communication by appropriately communicating organization information to team through department meetings, one-on-one meetings, appropriate email, IM and regular interpersonal communications
• Lead and motivate individuals and teams to create a workplace culture that is consistent with the CG mission, vision and values.

Benefits

• comprehensive benefits package
• 401k contribution
• participation in a short-term incentive plan