Identity & Access Management (IAM) Governance Executive
Company: Bank of America
Location: Boston
Posted on: April 1, 2026
|
|
|
Job Description:
Job Description: At Bank of America, we are guided by a common
purpose to help make financial lives better through the power of
every connection. We do this by driving Responsible Growth and
delivering for our clients, teammates, communities and shareholders
every day. Being a Great Place to Work is core to how we drive
Responsible Growth. This includes our commitment to being an
inclusive workplace, attracting and developing exceptional talent,
supporting our teammates’ physical, emotional, and financial
wellness, recognizing and rewarding performance, and how we make an
impact in the communities we serve. Bank of America is committed to
an in-office culture with specific requirements for office-based
attendance and which allows for an appropriate level of flexibility
for our teammates and businesses based on role-specific
considerations. At Bank of America, you can build a successful
career with opportunities to learn, grow, and make an impact. Join
us! Summary: Global Information Security (GIS) is responsible for
protecting bank information systems, confidential and proprietary
data, and customer information. GIS develops the bank’s Information
Security strategy and policy, manages the Information Security
program, identifies and addresses vulnerabilities and operates a
global security operations center that monitors, detects and
responds to cybersecurity incidents. Within GIS, Identity and
Access Management (IAM) is a security discipline that enables the
right individuals to access the right resources at the right times
and in the right context. IAM addresses the mission-critical need
to ensure appropriate access to the resources across increasingly
heterogeneous technology environments, and to meet increasingly
rigorous compliance requirements Role Description: The Senior Vice
President executive of Identity & Access Management (IAM)
Governance serves as the enterprise authority for identity
governance strategy, policy, and risk management within Global
Information Security. This leader defines and drives the IAM
governance vision across the bank, ensuring that identity controls,
technologies, and processes align with globally recognized
frameworks, regulatory expectations, and the bank’s strategic
objectives. The role oversees enterprise-wide, global, IAM
governance, including policy, standards, lifecycle controls, access
certifications, privileged access governance, authentication, and
identity risk metrics, anchored to leading industry standards: NIST
SP 800?63?4 Digital Identity Guidelines, NIST SP 800?53 Access
Control & Identification/Authentication controls, ISO/IEC
27001:2022 Annex A 5.16 Identity Management, and FFIEC
Authentication & Access Management guidance for financial
institutions. As the global IAM Governance leader, y ou will shape
the long?term direction of the IAM technology ecosystem, including
Identity Governance & Administration (IGA), federation/SSO/MFA,
privileged access management (PAM), secrets vaulting, and directory
services, and ensure robust auditability, regulatory alignment, and
measurable risk reduction across all identity domains. Required
Skillset: Expertise in IAM Governance & Control Framework • Deep
command of identity standards and regulatory expectations including
NIST 800?63?4 (digital identity assurance), NIST 800?53 AC/IA
controls, and ISO 27001 Annex A 5.16 identity lifecycle
requirements. • Ability to translate these frameworks into
enterprise policy, standards, and measurable control objectives. •
Participate in industry forums and represent the bank as needed, to
ensure evolution of IAM governance in alignment with peer banks.
Identity Technologies & Architecture Mastery • Extensive experience
with enterprise IGA platforms (e.g., SailPoint, Saviynt),
federation/SSO/MFA (OIDC, SAML), directory services, and privileged
access technologies—consistent with senior?level role expectations
in industry postings. Privileged Access & Zero Standing Privilege
(ZSP) • Strong understanding of Just?in?Time (JIT) privileged
access models and risk?based reduction of standing admin privileges
aligned with modern PAM best practices. Regulatory & Audit
Alignment for Financial Services • Ability to interpret,
operationalize, and evidence compliance with FFIEC Authentication &
Access Guidance as well as global regulatory expectations for
layered security, MFA, and monitoring expectations. Executive
Communication & Governance Leadership • Exceptional ability to
articulate technical identity risks, residual exposure, and
compliance posture to senior business leaders, regulators, Internal
Audit, Compliance, and Operational Risk, and relate the same in
governance routines. Enterprise Metrics & Identity Risk Insight •
Skilled in designing and governing IAM KRIs/KPIs (e.g.,
certification quality, toxic entitlement reduction, IGA onboarding
velocity, JIT/ZSP adoption), as emphasized in senior IGA director
roles. Cross?Functional Influence & Three?Lines?of?Defense
Partnership • Ability to influence technology executives, CIO
organizations, BISOs, and control partners to drive identity risk
reduction and consistent taxonomy and control adoption. Required
Qualifications: • 10 years of leadership experience in IAM,
information security governance, risk management, or related
executive technology functions within large-scale, regulated
enterprises, aligned with senior and executive?level identity
roles. • Proven experience leading large global teams, managing
executive?level governance forums, and directing complex IAM
transformation initiatives. • Demonstrated success overseeing and
continually improving IGA, federation, privileged access, secrets
management, and identity lifecycle modernization programs across
hybrid environments. • Experience preparing for and responding to
regulatory exams and internal/external audits, ensuring alignment
to FFIEC requirements and NIST/ISO frameworks. • Track record
driving adoption of modern authentication and identity proofing
approaches aligned with NIST SP 800?63?4. • Ability to reduce
privileged access risk through JIT/ZSP and PAM modernization
initiatives in alignment with IAM policy requirements. •
Professional certifications preferred: CISSP, CISM, CISA, CGEIT,
and IAM platform?specific certifications. Shift: 1st shift (United
States of America) Hours Per Week: 40 Pay Transparency details US -
DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - MA
- Boston - 100 Federal St - 100 Federal St Lp (MA5100) Pay and
benefits information Pay range $240,000.00 - $350,000.00 annualized
salary, offers to be determined based on experience, education and
skill set. Discretionary incentive eligible This role is eligible
to participate in the annual discretionary plan. Employees are
eligible for an annual discretionary award based on their overall
individual performance results and behaviors, the performance and
contributions of their line of business and/or group; and the
overall success of the Company. Benefits This role is currently
benefits eligible. We provide industry-leading benefits, access to
paid time off, resources and support to our employees so they can
make a genuine impact and contribute to the sustainable growth of
our business and the communities we serve.
Keywords: Bank of America, Lynn , Identity & Access Management (IAM) Governance Executive, IT / Software / Systems , Boston, Massachusetts
