IAM Cloud Governance Engineer

Reposted 18 Days Ago
Be an Early Applicant
Brooklyn, OH, USA
In-Office
80K-150K Annually
Senior level
Fintech
The Role
The Senior IAM Cloud Engineer leads cloud IAM governance, oversees privileged access management, ensures compliance with risk regulations, and mentors IAM analysts.
Summary Generated by Built In

Location:

4910 Tiedeman Road, Brooklyn Ohio

The IAM Cloud Governance Engineer is responsible for defining, implementing, and overseeing the enterprise governance model for cloud-based identities, privileged access, and non‑human identities (service accounts). This role provides technical Collaboration with Service Account Governance, and Human Privileged Access Management (HPAM), ensuring alignment with security policy, regulatory obligations, and audit expectations across hybrid and multi‑cloud environments.

The role acts as a governance authority and escalation point, partnering closely with IAM engineering, cloud platform teams, risk management, audit, and application owners.

Key ResponsibilitiesCloud IAM Governance
  • Lead the governance framework for cloud identity and access across IaaS, PaaS, and SaaS platforms, including design standards, control requirements, and lifecycle oversight.
  • Establish and maintain enterprise guardrails for cloud IAM constructs (roles, permissions, entitlements, conditional access, federation).
  • Ensure consistent enforcement of least‑privilege and separation‑of‑duties principles across cloud workloads.
Service Account / Non‑Human Identity (NHI) Governance
  • Own governance strategy for service accounts and non‑human identities, including inventory completeness, ownership attribution, credential lifecycle, and risk classification.
  • Define certification, recertification, and exception handling processes for NHIs in alignment with audit and compliance requirements.
  • Partner with platform and application teams to remediate unmanaged or high‑risk service accounts.
Privileged Access & HPAM Oversight
  • Provide governance leadership over privileged access patterns for cloud and hybrid systems, including just‑in‑time access, break‑glass processes, and session oversight.
  • Ensure HPAM controls are consistently applied and measurable across cloud and on‑prem systems, supporting regulatory and internal risk assessments.
Risk, Audit, and Compliance Enablement
  • Translate regulatory, audit, and risk requirements into actionable IAM governance controls and measurable evidence.
  • Support internal and external audits by providing policy documentation, process flows, certification results, and exception rationale.
  • Act as IAM governance SME for second‑line risk and control partners.
Leadership & Strategic Enablement
  • Serve as senior escalation point and decision authority for IAM cloud governance issues and design exceptions.
  • Influence IAM strategy, roadmap prioritization, and operating model improvements.
  • Mentor analysts and senior practitioners within IAM governance and compliance functions.
Required Qualifications
  • Deep experience in Identity & Access Management (IAM) within large enterprise environments.
  • Hands‑on knowledge of cloud IAM models, including human and non‑human identities.
  • Strong understanding of governance, risk, and control design, including audit evidence expectations.
  • Experience governing privileged access models and service account lifecycles.
  • Proven ability to translate policy and regulatory requirements into operational controls.
Preferred Qualifications
  • Experience supporting regulated environments (financial services, SOX‑relevant systems).
  • Familiarity with ServiceNow or similar platforms for inventory, workflow, and reporting.
  • Professional security or audit certifications (e.g., CISA, CISSP) preferred but not required.
  • Demonstrated leadership in cross‑functional, matrixed organizations.
  • Awareness of Google Gemini Enterprise
Core Skills and Competencies
  • Cloud IAM governance and entitlement modeling (Google and Azure)
  • Service account / non‑human identity governance
  • Privileged access oversight (HPAM) (CyberArk)
  • Risk assessment and control design
  • Audit and evidence management

COMPENSATION AND BENEFITS

This position is eligible to earn a base salary in the range of $80,000.00 - $150,000.00 annually. Placement within the pay range may differ based upon various factors, including but not limited to skills, experience and geographic location. Compensation for this role also includes eligibility for incentive compensation which may include production, commission, and/or discretionary incentives.

Please click here for a list of benefits for which this position is eligible.

Key has implemented an approach to employee workspaces which prioritizes in-office presence, while providing flexible options in circumstances where roles can be performed effectively in a mobile environment.

Job Posting Expiration Date: 07/27/2026 KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, pregnancy, disability, veteran status or any other characteristic protected by law.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing [email protected].



#LI-Hybrid

Skills Required

  • Deep experience in Identity & Access Management (IAM) within large enterprise environments.
  • Hands-on knowledge of cloud IAM models, including human and non-human identities.
  • Strong understanding of governance, risk, and control design, including audit evidence expectations.
  • Experience governing privileged access models and service account lifecycles.
  • Proven ability to translate policy and regulatory requirements into operational controls.

KeyBank Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about KeyBank and has not been reviewed or approved by KeyBank.

  • Retirement Support A dollar-for-dollar 401(k) match up to 7% of eligible pay is positioned as a standout element of the total rewards package. Additional financial programs like discounted stock purchase and banking discounts further strengthen perceived long-term value.
  • Leave & Time Off Breadth A pooled PTO bank with amounts that scale by level and tenure is described as a meaningful benefit and a retention lever. Paid parental leave is also included, adding to the breadth of time-off support.
  • Wellbeing & Lifestyle Benefits Wellness incentives tied to HSA contributions and company-sponsored health and wellbeing programs add tangible non-cash value. A Lifestyle Spending Account and counseling resources expand support beyond traditional medical coverage.

KeyBank Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Cleveland, OH
16,053 Employees
Year Founded: 1949

What We Do

At KeyBank we’ve made a promise to our clients that they will always have a champion in us. To deliver on our promise, we’re committed to building a team of engaged employees who do the right thing for our clients and shareholders, and help them achieve financial wellness each and every day.

Similar Jobs

PwC Logo PwC

Procurement Operations Senior Associate

Artificial Intelligence • Professional Services • Business Intelligence • Consulting • Cybersecurity • Generative AI
Remote or Hybrid
67 Locations
370000 Employees
151K-187K Annually

General Motors Logo General Motors

Regional Launch & Sustainment Manager - MobileService+ (Western Region)

Automotive • Big Data • Information Technology • Robotics • Software • Transportation • Manufacturing
Remote or Hybrid
United States
165000 Employees
106K-141K Annually

General Motors Logo General Motors

Regional Launch & Sustainment Manager - MobileService+ (NE Region)

Automotive • Big Data • Information Technology • Robotics • Software • Transportation • Manufacturing
Remote or Hybrid
United States
165000 Employees
106K-141K Annually

General Motors Logo General Motors

Regional Launch & Sustainment Manager - MobileService+ (North Central Region)

Automotive • Big Data • Information Technology • Robotics • Software • Transportation • Manufacturing
Remote or Hybrid
United States
165000 Employees
106K-141K Annually

Similar Companies Hiring

Hanover Park Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
42 Employees
Kepler  Thumbnail
Fintech • Software
New York, New York
6 Employees
Onshore Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
60 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account