VP, Identity & Access Management en Cross River

Who We Are

Cross River is a highly profitable, fast-growing financial technology company powering the future of financial services. Our comprehensive suite of innovative and scalable embedded payments, cards, and lending products deliver financial services for millions of businesses and consumers around the globe. Cross River is backed by leading investors and serves the world’s most essential fintech and technology companies. Together with its partners, Cross River is reshaping global finance and financial inclusion. 

We are on a mission to build the infrastructure that propels access, inclusion, and the democratization of financial services. While our company has tripled in size over the last three years, our strong sense of purpose led Cross River to be named to American Banker’s list of Best Places to Work in Fintech for the last 6 years. The reason for this success is simple – our nimble and collaborative family culture lives in every member of our growing team. Together we are at the forefront of technology and innovation, and we invite passionate, collaborative, and motivated high performers to join our expanding team.

What We're Looking For

Cross River Bank is seeking a VP of Identity & Access Management (IAM) to build and lead a modern, risk-aligned, and automation-forward IAM program. Reporting to the VP of IT Security Engineering, this strategic and technical leader will drive the design, governance, and execution of IAM capabilities across our cloud, on-premises, and SaaS environments.

This role will be instrumental in maturing our identity lifecycle management, enforcing least privilege, and enhancing secure access governance—while ensuring compliance with FFIEC, SOC 2, PCI DSS, and other regulatory standards.

Responsibilities: 

Strategy & Leadership

• Define and own the bank’s IAM vision, roadmap, and architecture, aligned with security, compliance, and business goals.
• Build, lead, and mentor a small but high-performing IAM team, fostering a culture of collaboration, innovation, and accountability.
• Champion secure and scalable IAM practices across business units, product teams, and infrastructure domains.
• Partner with Engineering and Compliance to enhance identity governance maturity.

Lifecycle Management & Automation

• Oversee the design and automation of Joiner-Mover-Leaver processes.
• Drive implementation of access request workflows and access reviews through tools like ServiceNow, with tight policy enforcement and auditability.
• Reduce identity sprawl by enforcing role-based and attribute-based access controls (RBAC/ABAC).
• Support federated SSO and MFA rollout across all SaaS applications to eliminate shadow IT.

Privileged Access & Governance

• Lead the rationalization and control of privileged access across AWS, Azure (PIM), and legacy AD environments.
• Partner with Security Engineering and Audit to execute regular access reviews and design SoD frameworks.
• Define access certification cycles with actionable outputs for business owners.

Cloud & SaaS Identity

• Guide cloud identity strategies for Azure, AWS, and SaaS ecosystems to ensure secure and scalable access models.
• Collaborate with Engineering to securely onboard new SaaS vendors under centralized identity management and SSO.

Audit & Compliance

• Maintain IAM controls to meet FFIEC, SOC 2, and PCI DSS standards, and respond effectively to FDIC audits.
• Establish clear KPIs and metrics for IAM hygiene, access review coverage, and lifecycle automation.

Qualifications: 

• 10+ years in IAM, Information Security, or IT Risk roles, with 3+ years in a people management or technical leadership capacity.
• Hands-on experience with IAM platforms (e.g., SailPoint, Saviynt, Azure AD, CyberArk, Okta), ideally in a financial services or regulated environment.
• Deep knowledge of identity lifecycle automation, JML workflows, RBAC, ABAC, SSO, MFA, and PAM principles.
• Proven success aligning IAM strategy with risk, audit, and compliance functions.
• Familiarity with scripting or automation (PowerShell, Python) and modern identity protocols (SAML, OAuth2, OIDC, SCIM).
• Strong communication, influencing, and documentation skills; able to evangelize IAM to both technical and business audiences.
• Experience implementing or integrating with HRIS systems like Workday and ITSM systems like ServiceNow is a plus.
• Certifications preferred: CISSP, CISM, or vendor-specific IAM certs.

#LI-KR1 #LI-Hybrid #LI-Onsite 

Salary Range: $160,000.00 - $200,000.00