
Senior Vice President – IAM and Physical Security
BBVA
full-time
Location Type: Hybrid
Location: New York City • New York • United States
Salary
💰 $180,000 - $195,000 per year
About the role
- Lead the implementation of Corporate Governance for User Access Management across all business systems within the scope of BBVA CIB US
- Drive the implementation of the Privileged Access Management (PAM) program, ensuring full alignment with corporate governance standards for the management of privileged access
- Act as a key liaison between local engineering teams and the CIB Corporate Identity Security function, including the Profiling Office, RPA, and Authorizations units
- Lead and develop the IAM function across governance, policies, and technology solutions, including Single Sign-On (SSO), directories, certificates, Multi-Factor Authentication (MFA), and privileged account management
- Oversee periodic access reviews and certification processes to ensure appropriate access to business systems and unstructured data
- Manage user access across internal systems and external entities, coordinating with local and global security and IT operations to ensure effective end-to-end access lifecycle management (provisioning, modification, and deprovisioning)
- Deliver IAM projects on time and within budget, ensuring alignment with business and security objectives
- Implement authentication, authorization, and federation capabilities with the BBVA Identity Provider to enable seamless SSO and MFA across business systems
- Partner with business units to understand access requirements and provide IAM solutions that align with operational needs and security standards
- Lead the adoption and implementation of BBVA corporate Key Management policies, procedures, and governance frameworks across BBVA CIB US
- Define and enforce roles, responsibilities, and separation of duties for key custodians, approvers, and operational teams consistent with corporate governance
- Establish and maintain formal key lifecycle processes (generation, distribution, storage, rotation, revocation, backup/escrow, compromise handling, and secure destruction) that adhere to corporate requirements
- Maintain an authoritative inventory and classification of cryptographic keys and certificates for CIB US, applying corporate classification, retention and protection rules
- Define the enterprise physical security strategy, standards, and policies aligned to business risk
- Maintain a multi-year maturity roadmap, KPIs, and quarterly reporting to leadership and the Risk Committee
- Develop and maintain comprehensive emergency response plans for a wide range of scenarios
- Conduct regular drills and train staff to ensure a quick and orderly response
- Perform site risk assessments and reviews; prioritize mitigations
- Work with HR and Legal to run threat intel, workplace violence, and insider risk playbooks
- Implement and oversee access control systems, including biometric technology and the CCTV surveillance network
- Supervise the protection of critical facilities, including server rooms, sensitive records, and restricted areas
Requirements
- 7+ years related experience
- 3+ years leading multi-site programs in the U.S.
- Experience in security administration, with 3-plus years as a hands-on technical IAM practitioner
- Experience administering IAM systems and access controls aligning with security governance fundamentals
- Financial services or mission-critical environment experience
- Proficiency with security system design, business continuity, vendor management, and metrics
- Strong written and oral communication skills across varying levels of the organization
- Demonstrated experience in analysis of risks/intelligence/threats
- Demonstrated experience in coordinating operations and exchanging information with public institutions, such as police, defense, and international intelligence agencies
- Familiar with one or more regulatory requirements and laws such as, but not limited to, 23 NYCRR part 500, FFIEC, SOX, GDPR, CCPA, Regulation S-P, GLBA
- Additionally, experience in one or more of the following is required: ISO 27001, NIST CSF, or the AI Risk Management Framework
- Preferred certifications as Director/Deputy/Responsible of Security or equivalent certifications
- One or more of the following is preferred but not required: CPP, CISSP, CISM
Benefits
- Employee benefits package
- Discretionary bonus
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
User Access Management, Privileged Access Management, Single Sign-On, Multi-Factor Authentication, IAM systems administration, Access controls, Security system design, Risk analysis, Biometric technology, CCTV surveillance
Soft Skills
Leadership, Communication, Collaboration, Analytical thinking, Project management, Problem-solving, Training and development, Emergency response planning, Risk assessment, Interpersonal skills
Certifications
CISSP, CISM, CPP, ISO 27001, NIST CSF, AI Risk Management Framework, Director of Security, Deputy of Security, Responsible of Security, Security certifications