Manager, Technology Risk & IAM

Department: Technology

Employment Type: Full Time

Location: Tampa, FL

Description

We are seeking a Technology Risk & IAM Manager to support and strengthen the firm’s identity and access management framework, cybersecurity controls, and overall technology risk management processes. This role will play a critical part in protecting the organization from cybersecurity threats, operational disruption, and access control risks while supporting a rapidly growing national financial services platform.

This individual will partner closely with Technology, Compliance, Operations, Finance, vendors, and business leaders to help build scalable controls, improve enterprise resiliency, and ensure employees have appropriate access to systems and applications based on their job responsibilities. The ideal candidate is operationally hands-on, highly organized, and comfortable working in a fast-paced, evolving environment.

Responsibilities

• Manage day-to-day identity and access management (IAM) processes across core business systems and SaaS platforms
• Design and maintain role-based access models aligned with least-privilege principles
• Oversee onboarding, transfers, and offboarding access provisioning workflows
• Conduct recurring user access reviews and permission recertification exercises
• Partner with department leaders to align system access with business responsibilities and segregation of duties requirements
• Identify excessive, outdated, or conflicting permissions and drive remediation efforts
• Improve workflows related to access requests, approvals, documentation, and audit evidence retention
• Assist in evaluating IAM tools, automation opportunities, and access governance enhancements
• Support and help manage the firm’s cybersecurity program and ongoing security initiatives
• Monitor security risks across systems, applications, endpoints, and third-party vendors
• Coordinate vulnerability remediation efforts, patch management follow-up, and security improvements
• Assist with phishing prevention initiatives, multifactor authentication standards, endpoint protection, and email security controls
• Support incident response readiness, issue escalation, and post-incident remediation activities
• Maintain cybersecurity policies, procedures, standards, and supporting documentation
• Support business continuity and disaster recovery planning and testing efforts
• Coordinate testing related to infrastructure resiliency, backups, failover readiness, and recovery processes
• Support system capacity reviews and infrastructure stress testing initiatives
• Partner with vendors and internal stakeholders to identify operational, resiliency, and security risks
• Track remediation items tied to security gaps, operational issues, and performance concerns
• Support internal audits, due diligence requests, cybersecurity questionnaires, and vendor security reviews
• Maintain documentation and evidence supporting access management and cybersecurity controls
• Help maintain the enterprise technology risk register and remediation logs
• Serve as a trusted internal resource regarding access governance, security controls, and technology risk management
• Translate technical issues into practical business recommendations for non-technical stakeholders
• Promote a culture of accountability, secure behavior, and process discipline
• Recommend scalable improvements as the organization continues to grow
• Perform other duties and responsibilities as assigned
  
  

Qualifications

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Business, or a related field preferred
• 5 years of experience in identity and access management (IAM), cybersecurity, IT administration, IT risk, or technology operations
• Experience administering user access across multiple enterprise systems and SaaS platforms
• Strong understanding of identity and access management principles, access governance, multifactor authentication, endpoint protection, and cybersecurity best practices
• Experience with role-based access controls, user provisioning, access recertifications, and segregation of duties processes
• Experience within financial services, wealth management, banking, insurance, or another regulated industry preferred
• Experience supporting SEC-regulated environments, Registered Investment Advisors (RIA), or broker-dealer platforms preferred
• Familiarity with Microsoft 365, Salesforce or CRM environments, custodian portals, and enterprise SaaS ecosystems preferred
• Industry certifications such as Security , CISSP, CISM, CISA, or similar certifications preferred
• Strong analytical, organizational, and problem-solving skills
• Strong verbal and written communication skills with the ability to work cross-functionally across departments
• Ability to manage multiple priorities in a fast-paced, growing organization
• Experience working within multi-location or rapidly scaling organizations preferred
  
  

Benefits

• 401(k) matching
• Dental Insurance
• Flexible spending account
• Health insurance
• Life insurance
• Paid time off
• Vision insurance
• Equity