VP, Identity & Access Management

Cross River•Fort Lee, NJ

1d•Hybrid

About The Position

Cross River Bank is seeking a VP of Identity & Access Management (IAM) to build and lead a modern, risk-aligned, and automation-forward IAM program. Reporting to the VP of IT Security Engineering, this strategic and technical leader will drive the design, governance, and execution of IAM capabilities across our cloud, on-premises, and SaaS environments. This role will be instrumental in maturing our identity lifecycle management, enforcing least privilege, and enhancing secure access governance—while ensuring compliance with FFIEC, SOC 2, PCI DSS, and other regulatory standards.

Requirements

10+ years in IAM, Information Security, or IT Risk roles, with 3+ years in a people management or technical leadership capacity.
Hands-on experience with IAM platforms (e.g., SailPoint, Saviynt, Azure AD, CyberArk, Okta), ideally in a financial services or regulated environment.
Deep knowledge of identity lifecycle automation, JML workflows, RBAC, ABAC, SSO, MFA, and PAM principles.
Proven success aligning IAM strategy with risk, audit, and compliance functions.
Familiarity with scripting or automation (PowerShell, Python) and modern identity protocols (SAML, OAuth2, OIDC, SCIM).
Strong communication, influencing, and documentation skills; able to evangelize IAM to both technical and business audiences.

Nice To Haves

Experience implementing or integrating with HRIS systems like Workday and ITSM systems like ServiceNow is a plus.
Certifications preferred: CISSP, CISM, or vendor-specific IAM certs.

Responsibilities

Define and own the bank’s IAM vision, roadmap, and architecture, aligned with security, compliance, and business goals.
Build, lead, and mentor a small but high-performing IAM team, fostering a culture of collaboration, innovation, and accountability.
Champion secure and scalable IAM practices across business units, product teams, and infrastructure domains.
Partner with Engineering and Compliance to enhance identity governance maturity.
Oversee the design and automation of Joiner-Mover-Leaver processes.
Drive implementation of access request workflows and access reviews through tools like ServiceNow, with tight policy enforcement and auditability.
Reduce identity sprawl by enforcing role-based and attribute-based access controls (RBAC/ABAC).
Support federated SSO and MFA rollout across all SaaS applications to eliminate shadow IT.
Lead the rationalization and control of privileged access across AWS, Azure (PIM), and legacy AD environments.
Partner with Security Engineering and Audit to execute regular access reviews and design SoD frameworks.
Define access certification cycles with actionable outputs for business owners.
Guide cloud identity strategies for Azure, AWS, and SaaS ecosystems to ensure secure and scalable access models.
Collaborate with Engineering to securely onboard new SaaS vendors under centralized identity management and SSO.
Maintain IAM controls to meet FFIEC, SOC 2, and PCI DSS standards, and respond effectively to FDIC audits.
Establish clear KPIs and metrics for IAM hygiene, access review coverage, and lifecycle automation.