The Senior Director of Identity and Access Management (IAM) and Data Protection will define and execute the vision and forward-thinking strategy for Cox Automotive’s IAM program globally, aligning it with both enterprise and product business objectives. This leader will also establish policies and guardrails for end user collaboration and data sharing in today’s hybrid combination of on-premise and cloud based collaboration tools. This role requires a deep understanding of cybersecurity principles, industry best practices, and emerging technologies to ensure the security and integrity of our organization's digital assets.
This role will directly report to the Chief Information Security Officer of Cox Automotive.
Responsibilities
- Develop, socialize, and gain alignment on an overall Identity and Access Management (IAM) strategy and framework that includes workforce identity, customer identity, authentication, and privileged access management.
- Partner with operational teams to define requirements, guardrails, and operating standards for workforce identity (including cloud IAM), customer identity, authentication/centralized identity providers, and privileged access management (both on-premise and cloud).
- Effectively communicate IAM and Zero Trust concepts and strategies to non-technical partners, fostering a shared understanding of security and identity principles for workforce identity, customer identity, authentication and privileged access management.
- Establish and implement IAM policies, standards, and procedures, ensuring compliance with applicable laws, regulations, customer expectations, and relevant security frameworks.
- Monitor developments in the IAM security industry including vendor strategies and roadmaps and continuously assess and enhance IAM policies, procedures, and technologies to adapt to evolving threats and business needs.
- Lead the evaluation and potential selection and implementation of emerging technologies and cutting-edge IAM solutions that may replace existing solutions or bring compelling new capabilities to the environment.
- Define appropriate IAM security metrics and provide regular and consolidated reporting to the senior leadership team.
- Establish and implement policies and standards for unstructured data collaboration for end users, including tagging, sharing controls, and zero trust approach to remote access to data based on risk.
- Continually assess and monitor features in key collaboration tools like M365 and Slack and partner with operational teams to ensure that new features are deployed securely and within established policy guardrails.
- Hire, train, motivate, guide, grow and develop direct reports and employees. Ensure a participative/engaged work environment that will attract and maintain a workforce of talented and satisfied employees.
- Identify, propose, and influence business solutions, negotiate deliverables and requirements across multiple business customers or organizations.
- Analyze and manage capital and expense budgets.
- Oversee and lead contract negotiations and vendor management.
- Represent the business in key industry groups.
Minimum Qualifications
- Bachelor’s degree in a related discipline and 14 years’ experience in a related field. The right candidate could also have a different combination, such as a master’s degree and 12 years’ experience; a Ph.D. and 9 years’ experience in a related field; or 18 years’ experience in a related field
- 10+ years of experience required in the field of information security with a demonstrated path of increasing scope and management responsibilities.
- 5+ years of experience in IAM leadership roles with a track record of building high-performing teams, a strong background in risk management, and driving innovation across the Identity and Access Management discipline
- Strong understanding of IAM principles, technologies, and standards, including LDAP, SAML, OIDC, OAuth, PKI, FIDO2, and IAM frameworks (e.g., SailPoint, Okta, EntraID).
- In-depth knowledge of authentication mechanisms, access control models, and identity governance principles for both on-premise and cloud based infrastructure and services.
- Ability to make strategic decisions, supervise complex programs, manage, and educate highly skilled professionals, and manage other departments relating to IAM and data protection.
- Solid, pragmatic business acumen, proven record of creatively solving problems, and offering solutions.
- Consultative nature to work through controversial or complex topics to employees, leaders, and/or top management.
- Ability to manage multiple complex projects while meeting deadlines and managing leaders of teams to achieve optimal results.
- Develop strong and productive working environment with key stakeholders and collaborate closely with other Cox entities’ security teams to implement security best practices.
- Excellent customer service skills, writing and executive presentation skills.
- Relevant industry certification: CISSP, CISM, CISA, etc.
Preferred Qualifications
- Advanced degree (MBA / MS)
- 5+ years of experience in a senior management role.
- Experience in customer identity programs for large scale software products and services.
About Cox
Cox empowers employees to build a better future and has been doing so for over 120 years. With exciting investments and innovations across transportation, communications, cleantech and healthcare, our family of businesses – which includes Cox Automotive and Cox Communications – is forging a better future for us all. Ready to make your mark? Join us today!
------------
Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, visit our benefits page.
Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.