What are the responsibilities and job description for the VP, Identity & Access Management - BISO position at Jefferies?
Job Description
We are seeking a highly driven and business‑aligned Identity BISO / Business Identity Officer (BIO) to serve as a key leader for Jefferies’ Segregation of Duties (SoD) Initiative and broader identity governance program. This role partners closely with business units, application teams, technology owners, and control functions to ensure SoD risks are identified, assessed, remediated, and prevented as part of our Identity & Access Management strategy.
This position exists at the intersection of identity security, risk management, and business enablement. The Identity BISO/BIO ensures our identity controls—including SoD, role governance, access governance, and certification processes—are effectively adopted across the enterprise. The role strengthens governance, drives cross‑functional alignment, and advances the identity security roadmap in collaboration with the IAM leadership team.
Key Responsibilities
About Us
Jefferies is a leading global, full-service investment banking and capital markets firm that provides advisory, sales and trading, research, and wealth and asset management services. With more than 40 offices around the world, we offer insights and expertise to investors, companies, and governments.
At Jefferies, we are committed to building a culture that provides opportunities for all employees regardless of our differences and supports a workforce that is reflective of the communities where we work and live. As a result, we are able to pool our collective insights and intelligence to provide fresh and innovative thinking for our clients.
Jefferies is committed to creating and sustaining a workforce that welcomes individuals from all backgrounds to apply. Our employment decisions are made without regard to race, creed, color, national origin, ancestry, religion, pregnancy, age, medical condition, physical or mental disability, marital status, domestic partner status, sex, sexual orientation, gender, gender identity or expression, veteran or military status, genetic information, reproductive health decisions, or any other factor protected by applicable law. We are committed to hiring the most qualified applicants and complying with all federal, state, and local equal employment opportunity laws. As part of this commitment, Jefferies will extend reasonable accommodation to individuals with disabilities, as required by applicable law.
The salary offered will take into consideration an individual’s experience level and qualifications. In addition to salary, Jefferies Financial Group is proud to offer a comprehensive benefits package to eligible, full-time employees or part-time employees, who are scheduled to work at least 30 hours or more per week, including an annual discretionary incentive and retention bonus, competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Jefferies also offers paid time off packages that include planned time off (e.g., vacation), unplanned time off (e.g., sick leave), and paid holidays, and for full-time employees, paid parental leave.
We are seeking a highly driven and business‑aligned Identity BISO / Business Identity Officer (BIO) to serve as a key leader for Jefferies’ Segregation of Duties (SoD) Initiative and broader identity governance program. This role partners closely with business units, application teams, technology owners, and control functions to ensure SoD risks are identified, assessed, remediated, and prevented as part of our Identity & Access Management strategy.
This position exists at the intersection of identity security, risk management, and business enablement. The Identity BISO/BIO ensures our identity controls—including SoD, role governance, access governance, and certification processes—are effectively adopted across the enterprise. The role strengthens governance, drives cross‑functional alignment, and advances the identity security roadmap in collaboration with the IAM leadership team.
Key Responsibilities
- SoD Program Leadership
- Lead the day‑to‑day execution of the enterprise Segregation of Duties (SoD) initiative, including risk assessment, policy enforcement, and remediation tracking.
- Partner with business owners, IT application teams, and control partners to define, validate, and refine SoD rulesets and conflict matrices.
- Facilitate prioritization of SoD issues and deliver regular reporting to senior stakeholders, including dashboards and KPI tracking.
- Business Partnership & Stakeholder Engagement
- Act as the primary liaison between Global Information Security and assigned business units, understanding their processes, applications, and risk landscape.
- Conduct workshops, working sessions, and recurring governance meetings with business and IT teams (e.g., SOD Weekly Management Connect) to drive alignment and resolve issues.
- Communicate program updates, risks, and requirements to senior leaders in a clear and actionable manner.
- Identity Governance & Control Execution
- Collaborate with application owners to ensure appropriate role design, access certifications, and control implementation that reduce SoD violations.
- Support annual and ongoing certification cycles, partnering with business and technology teams (e.g., 2026 Certification Process sessions) to ensure compliant execution.
- Work with audit, compliance, and risk teams to support assessments and drive closure of identified issues.
- Program Governance & Continuous Improvement
- Maintain and enhance SoD standards, procedures, and governance artifacts.
- Recommend and drive improvements to tooling, automation, reporting, and integration with IAM systems (e.g., IGA platform, entitlement data quality, and application onboarding).
- Monitor control performance and identify opportunities to tighten controls or reduce manual effort.
- Cross‑Functional Collaboration
- Coordinate with IAM engineering, security architecture, compliance, internal audit, application teams, and external partners.
- Facilitate discussion around SoD implications during new application onboarding, system upgrades, and process changes.
- Serve as an internal subject matter expert on SoD and access risk.
- 5–10 years of experience in Information Security, Risk Management, IT Governance, Identity & Access Management, or related fields.
- Direct experience with Segregation of Duties frameworks, access control models, and entitlement governance.
- Strong understanding of business processes in financial services (e.g., trade lifecycle, finance, operations, regulatory reporting).
- Proven track record of managing cross‑functional programs and driving outcomes with business and technology teams.
- Exceptional communication, facilitation, and relationship‑building skills.
- Ability to interpret complex technical and business issues and translate them into actionable plans.
- Experience with IGA platforms (SailPoint, Saviynt, or similar).
- Knowledge of role‑based access control (RBAC) design principles.
- Familiarity with regulatory frameworks (SOX, FFIEC, NIST, ISO27001).
- Prior consulting or BISO-type experience supporting business units.
- Strong analytical skills and comfort working with data.
About Us
Jefferies is a leading global, full-service investment banking and capital markets firm that provides advisory, sales and trading, research, and wealth and asset management services. With more than 40 offices around the world, we offer insights and expertise to investors, companies, and governments.
At Jefferies, we are committed to building a culture that provides opportunities for all employees regardless of our differences and supports a workforce that is reflective of the communities where we work and live. As a result, we are able to pool our collective insights and intelligence to provide fresh and innovative thinking for our clients.
Jefferies is committed to creating and sustaining a workforce that welcomes individuals from all backgrounds to apply. Our employment decisions are made without regard to race, creed, color, national origin, ancestry, religion, pregnancy, age, medical condition, physical or mental disability, marital status, domestic partner status, sex, sexual orientation, gender, gender identity or expression, veteran or military status, genetic information, reproductive health decisions, or any other factor protected by applicable law. We are committed to hiring the most qualified applicants and complying with all federal, state, and local equal employment opportunity laws. As part of this commitment, Jefferies will extend reasonable accommodation to individuals with disabilities, as required by applicable law.
The salary offered will take into consideration an individual’s experience level and qualifications. In addition to salary, Jefferies Financial Group is proud to offer a comprehensive benefits package to eligible, full-time employees or part-time employees, who are scheduled to work at least 30 hours or more per week, including an annual discretionary incentive and retention bonus, competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Jefferies also offers paid time off packages that include planned time off (e.g., vacation), unplanned time off (e.g., sick leave), and paid holidays, and for full-time employees, paid parental leave.
Salary : $145,000 - $200,000