Job Title: Security Programme Manager (Cybersecurity, IAM, PAM)
Overview
We’re looking for a decisive, delivery-focused Security Programme Manager to lead and scale critical cybersecurity initiatives across Identity & Access Management (IAM), Privileged Access Management (PAM), and broader security domains. This role is about execution at pace—building programmes, shaping teams, and driving measurable risk reduction.
What You’ll Do
* Own end-to-end delivery of complex security programmes, with a strong focus on IAM and PAM transformation.
* Define programme strategy, roadmap, and success metrics aligned to business risk and regulatory priorities.
* Build and scale high-performing security programme teams—hiring, structuring, and developing talent.
* Drive implementation of IAM/PAM solutions (e.g., identity lifecycle, access governance, privileged session management, secrets management).
* Establish governance frameworks, reporting cadence, and stakeholder engagement at exec level.
* Manage cross-functional delivery across security, engineering, infrastructure, and business units.
* Control programme budgets, timelines, risks, and dependencies with ruthless clarity.
* Embed security-by-design principles into enterprise change initiatives.
* Ensure compliance with relevant standards (e.g., ISO 27001, NIST, GDPR) without slowing delivery.
What You Bring
* Proven track record delivering large-scale cybersecurity programmes, specifically IAM and PAM.
* Strong grasp of identity architecture, access controls, RBAC/ABAC models, and privileged access risks.
* Experience standing up or transforming security programme functions and teams.
* Commercial awareness—balancing risk, cost, and delivery outcomes.
* Exceptional stakeholder management skills, including C-suite communication.
* Hands-on approach to problem-solving; comfortable operating in ambiguity.
* Familiarity with leading IAM/PAM tools (e.g., SailPoint, CyberArk, Okta, Azure AD/Entra, BeyondTrust).
* Strong knowledge of security frameworks and regulatory landscapes.
Nice to Have
* Experience in cloud-first environments (AWS, Azure, GCP).
* Background in DevSecOps or integrating IAM into CI/CD pipelines.
* Relevant certifications (CISSP, CISM, CRISC, or equivalent).
What Success Looks Like
* IAM and PAM programmes delivered on time, with clear risk reduction outcomes.
* Scalable, capable security programme team in place.
* Measurable improvements in access governance, least privilege enforcement, and audit readiness.
* Stakeholders confident in security delivery and direction.