Manager Identity & Access Management
Indexed description
Who We Are
- Merrick Bank: The bank that builds
- CardWorks Servicing: One partner, total performance
- Carson Smithfield: Resolution with respect
Our team tackles the industry’s most complex credit and payment challenges. And we believe that excellent work starts with a team that feels supported, respected, and empowered to grow.
CardWorks Servicing, LLC provides end-to end operational servicing functions for credit cards, secured cards, and installment loans. We service consumer and small business loans across the credit spectrum and offers backup servicing and due diligence services to capital providers and trustees.
Founded in 1997, Merrick Bank is an FDIC®-insured financial institution headquartered in South Jordan, Utah, with over $10 billion in assets. A wholly owned subsidiary of CardWorks Financial Group, Merrick Bank serves roughly five million cardmembers and more than 100,000 merchant customers, offering credit cards, recreational loans, deposit accounts, merchant services and bank sponsorships to consumers and businesses.
Carson Smithfield, LLC provides a variety of post-charge-off debt recovery services, including digital self-service, IVR, live agent, and external agency management.
Position Summary
The IAM Manager is responsible for the day‑to‑day leadership, execution, and continuous improvement of identity and access management (IAM) detective controls and supporting automation. This role leads a technical team that operates access monitoring, certifications, reconciliations, and alerting capabilities that detect unauthorized or inappropriate access across the enterprise.
The manager ensures IAM detective controls operate effectively, consistently, and in compliance with internal security standards and regulatory expectations. This role partners closely with IAM engineering, cybersecurity operations, risk management, internal audit, and application teams to mature controls through automation, improved data quality, and scalable processes.
The ideal candidate combines people leadership, operational discipline, and technical understanding of IAM controls, with a strong focus on reducing manual effort, improving detection capabilities, and maintaining audit readiness.
Essential Functions
Leadership & Operational Management
Expectation: Lead the daily operations of a technical IAM controls team, ensuring consistent execution, accountability, and reliable delivery of detective access management services.
- Provide day‑to‑day leadership, supervision, and direction for a team responsible for IAM detective controls and automation.
- Set clear performance expectations, prioritize work, manage workload distribution, and support ongoing skill development of team members.
- Serve as the escalation point for complex operational issues, control failures, or security‑relevant findings.
- Ensure consistent execution of IAM detective control processes in alignment with policies, standards, and documented procedures.
- Oversee the execution of detective access management controls, including access certifications, authentication configuration reviews, access monitoring, and exception handling.
- Ensure controls effectively detect unauthorized access, inappropriate privilege assignments, and policy violations.
- Coordinate timely investigation, escalation, and remediation of access issues identified through detective controls.
- Maintain operational ownership of control results, tracking issues through remediation and closure.
- Support detective IAM controls, including logging, alerting, and access review evidence collection
- Monitor IAM and PAM activity for anomalous or unauthorized behavior
- Assist with identity‑related investigations, incidents, and penetration testing efforts
- Gather and analyze IAM and PAM data for audits, incident response, and forensic activities
- Collaborate with security teams during access‑related security events to assess impact and remediate issues
- Assist with efforts to automate IAM detective control execution, reporting, and evidence collection.
- Identify opportunities to reduce manual processes, spreadsheet dependency, and point‑in‑time reviews through automation and workflow improvements.
- Partner with IAM engineering and platform teams to improve control data accuracy, metadata completeness, and tool reliability.
- Drive continuous improvement of control processes through standardization, automation, and operational metrics.
- Ensure IAM detective controls align with regulatory, audit, and internal risk management requirements.
- Coordinate audit preparation activities, including evidence collection, documentation, and control walkthroughs.
- Respond to audit inquiries and remediation requests related to IAM detective controls.
- Partner with risk, compliance, and audit teams to identify control gaps and implement corrective actions.
- Collaborate with IAM engineering, security operations, infrastructure, and application teams to support access monitoring and control effectiveness.
- Provide regular reporting on control performance, issues, trends, and improvement initiatives to leadership and stakeholders.
- Participate in IAM governance and security forums to represent detective control operations and provide operational insights.
- Support security incident investigations and access‑related risk assessments as needed.
- Bachelor’s degree in Information Security, Information Technology, Computer Science, or a related discipline; or an equivalent combination of education and relevant experience.
- 6 to 8 years of progressive experience in Identity and Access Management, information security operations, or IT control functions.
- 2 or more years of experience leading or managing a technical team, including responsibility for operational delivery, performance management, and prioritization of work.
- Hands‑on experience operating or overseeing IAM detective controls such as access certifications, access monitoring, reconciliations, or identity‑related alerting.
- Experience supporting audit, risk, and compliance activities within a regulated industry; financial services experience preferred.
- Experience driving process maturity and automation initiatives to reduce manual effort and improve control reliability.
- Familiarity with IAM platforms, access data models, automation tools, and identity‑related logging or reporting capabilities.
- Working knowledge of regulatory and control frameworks such as SOX, SOC1, SOC2, or similar security and compliance standards.
- Proven ability to lead and develop technical teams in an operational security or IAM environment.
- Strong understanding of identity and access management controls, particularly detective and monitoring controls.
- Experience driving process improvement and automation to enhance control effectiveness and efficiency.
- Solid understanding of audit, risk, and compliance expectations related to IAM.
- Ability to analyze access data, interpret control results, and drive remediation efforts.
- Strong organizational skills with the ability to manage multiple priorities and deadlines.
- Effective communicator capable of working with technical teams, auditors, and non‑technical stakeholders.
- Demonstrated commitment to operational excellence, continuous improvement, and secure access practices.
The salary range for this position, if located in NY Metro/NY State is $138,045 to $153,384. However, please note that the salary range will vary for other geographic areas.
#INDHP
Our Employee Value Proposition
- Competitive Pay, including a Bonus Target or Variable Pay Incentive Program
- Benefits Package -Medical, Dental, and Vision (plus much more)
- 401(k) Plan with Company Match
- Short- & Long-Term Disability
- Wellness Programs
- Group Life and AD&D Insurance
- Paid Vacation, Sick Days and bank Holidays
- Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search