IAM Lead: Privileged Access Management - Director

Company: SMBC Group
Location: Charlotte
Posted on: December 1, 2025

Job Description:

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG’s shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges. In the Americas, SMBC Group has a presence in the US, Canada, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization’s extensive global network. The Group’s operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd. The anticipated salary range for this role is between $203,000.00 and $230,000.00. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees. Role Description This role will be part of the IAM Architecture and Engineering function within SMBC. The individual will work with the Group Companies to provide elegant solutions that adhere to the core principles of Zero-Trust, Just-In-Time and Just-Enough-Access but balance it with a frictionless experience for end users and applications. The ideal candidate must be a subject matter expert in IAM and be aware of modern authentication protocols and industry standards. The individual will play a key role in securing privileged identities, aligning PAM capabilities with zero trust and compliance frameworks, and use capabilities of products like CyberArk, Delinea (Thycotic), Microsoft Entra PIM, and other PAM toolsets. Role Objectives Design and maintain end-to-end PAM architecture including vaulting, session monitoring, just-in-time access, and admin workflows Lead deployment and configuration of CyberArk components (PVWA, CPM, PSM, Conjur etc.) Integrate CyberArk or Delinea Secret Server and/or other PAM tools into hybrid/cloud infrastructure. Implement and manage Microsoft Entra PIM for JIT elevation and role lifecycle controls Architect and enforce least privilege models (RBAC, JIT, ABAC) across on-prem and cloud platforms (Azure, AWS, GCP) Partner with IAM, SOC, Security Architecture, Infrastructure and Application teams to enforce privilege identity policies Automate PAM provisioning and approval workflows and integrate with Service Now Maintain logging and monitoring of privilege activities and integration with SIEM tools like Microsoft Sentinel and Cribl Document architecture, SOPs, onboarding processes, and contribute to policy documents Research and evaluate PAM platforms, tools, and technologies that meet the organization’s needs Provide guidance and mentorship to other team members on PAM best practices and emerging technologies. Provide guidance and documentation for Infrastruture/Database/Cloud/App teams to embed PAM services in their day-to-day operations, ensuring seamless integration, good adoption and optimal performance Qualifications and Skills 5 years of experience in identity and access management, with a focus on PAM Strong understanding of identity management protocols (OAuth OpenID Connect, SAML etc) Deep expertise in CyberArk and Delinea Proficient with Microsoft Entra PIM, Azure RBAC, and Entra ID roles Experience with implementing JIT, break-glass, and PAM for human and non-human identities Strong scripting skills Strong problem-solving skills, with the ability to analyze complex technical environments and develop effective solutions Excellent communication and interpersonal skills, with the ability to collaborate across teams and influence stakeholders High attention to detail and self-driven Education/Certification Bachelor’s degree in Computer Science, Information Technology, or related field Certification – CISSP, cloud or other Security related CyberArk experience/training/certification is a plus Additional Requirements SMBC’s employees participate in a Hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process. Hybrid work may not be permitted for certain roles, including, for example, certain FINRA-registered roles for which in-office attendance for the entire workweek is required. SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law.

Keywords: SMBC Group, Charlotte , IAM Lead: Privileged Access Management - Director, IT / Software / Systems , Charlotte, North Carolina