Senior Manager, Privileged Access Management (PAM)

Vanguard•Malvern, PA

23h•Hybrid

About The Position

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions. Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape. Our crew are our greatest resource – by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core. Vanguard is seeking a strategic, forward-thinking leader to fill the role of Senior Manager of Privileged Access Management (PAM) and lead the evolution of our privileged access ecosystem across on premises, cloud, and hybrid environments. In this role, you will drive enterprise-wide adoption of modern PAM capabilities, strengthen Zero Trust posture, and ensure resilient protection of Vanguard’s most sensitive assets. This role will report directly into the Global Head of Identity Access Management (IAM). In this role, you will drive enterprise-wide adoption of modern PAM capabilities, strengthen Zero Trust posture, and ensure resilient protection of Vanguard’s most sensitive assets. This leader will build and mentor a high performing global engineering and operations team, partner closely across cybersecurity and technology domains, and own end-to-end delivery of PAM strategy, policy, architecture, engineering and execution - aligned to Vanguard’s global security and risk reduction goals.

Requirements

Technical Expertise Deep experience implementing and managing enterprise PAM platforms (CyberArk, BeyondTrust, HashiCorp Vault, or equivalent).
Strong understanding of Zero Trust, least privilege models, secrets management, credential lifecycle management, and identity centric security.
Experience securing hybrid and multi-cloud environments (AWS, Azure, GCP).
Familiarity with session recording, JIT provisioning, privileged analytics, and automation.
Experience leading PAM integrations with SIEM, SOAR, EDR, and IGA/IDM Identity governance systems.
Knowledge of regulatory standards including SOX, SOC, SEC, GDPR & GS 007 guidelines.
Leadership & Communication Proven experience leading global technical teams, with strong coaching, mentoring, and performance management capabilities.
Ability to communicate complex PAM concepts in simple, actionable terms to executives, engineers, and business leaders alike.
Demonstrated success influencing senior stakeholders and partnering across cybersecurity, risk, legal, compliance, and technology functions.
Minimum 8 years in Cyber-security or IAM, with at least 4-6 years in leadership roles.
Bachelor's degree in computer science, Information Security, Engineering, or related fields

Nice To Haves

Relevant certifications: CISSP, CISM, GIAC (GPAM, GCIH), or cloud security certifications (CCSP, AWS/Azure security).
Experience in financial services or other heavily regulated industries is strongly preferred.
Demonstrated success leading large-scale PAM transformations or cloud migration initiatives.

Responsibilities

Leadership & Strategy Shape and execute Vanguard’s global PAM strategy, roadmap, and operating model - aligning to enterprise risk reduction and Zero Trust principles.
Represent the PAM program in executive forums, risk committees, and governance bodies, providing vision, metrics, and KPIs.
Lead, inspire, and develop engineering teams covering credential vaulting, secrets management, session monitoring, JIT access, and cloud PAM capabilities.
Drive a culture of innovation, technical excellence, and continuous improvement.
Policy Design & Governance Design, maintain, and enforce enterprise‑wide PAM policies that balance security, usability, and operational efficiency.
Partner with Risk, Compliance, Legal, and Audit teams to ensure PAM policies meet regulatory, audit, and control requirements.
Define policy‑driven guardrails for cloud, infrastructure, application, and CI/CD privileged access use cases.
Program & Delivery Oversight Translate strategy into actionable delivery plans with measurable milestones and outcomes with a direct focus on Just-in-Time capabilities
Oversee design, implementation, and scaling of enterprise PAM solutions (e.g., CyberArk, cloud-native PAM, secrets management platforms).
Ensure alignment with IAM architecture, threat intelligence, compliance standards, and cross team dependencies.
Manage budgets, resource planning, capacity, performance evaluations, and vendor/partner relationships.
Technical Alignment & Execution Partner with cybersecurity, cloud engineering, infrastructure, and application teams to integrate PAM into CI/CD pipelines, cloud entitlements, and privileged workflows.
Oversee controls for privileged access lifecycle, break glass procedures, monitoring, and reporting.
Ensure PAM capabilities meet regulatory, audit, and compliance requirements across global environments.
Provide executive level guidance on risk posture, emerging threats, and PAM modernization initiatives