Director, Identity and Access Management




London, United Kingdom

Why you should apply for a job to Mastercard:

  • 4.7/5 in supportive management
  • 69% say women are treated fairly and equally to men
  • 100% say the CEO supports gender diversity
  • Ratings are based on anonymous reviews by Fairygodboss members.


    Position summary

    Security for Vocalink Limited, a company that enables the payments of 90% of salaries, 70% of utility bills, most ATM transactions and every cheque cleared in the UK.

    The successful candidate will become part of a high functioning team, dedicated to delivering a robust, secure and resilient service to 60+million citizens every day with transactional volume of 11 billion/year and total annual transactional value in excess of GBP6 Trillion.

    The IAM (Identity and Access Management) Security Director is part of a team playing a crucial role in designing, implementing, and overseeing the company's identity and access management solutions. The ideal candidate will help define, enhance, and implement Vocalink's information security architectures, while ensuring consistent administration of information security policies, standards, procedures, and controls to effectively improve security posture.

    In this role, you will:
    • Design and deploy robust IAM solutions
    • Regularly review and refine IAM policies to ensure they align with industry best practices and regulatory standards
    • Lead and manage IAM projects, ensuring they are delivered on time and meet the set specifications
    • Collaborate with Technology and security teams to seamlessly integrate IAM solutions into the existing infrastructure
    • Monitor and respond to any security breaches or irregularities within the IAM systems
    • Provide guidance and mentorship to junior team members, fostering a culture of continuous learning and improvement
    • Conduct information security risk assessments for the Identity within Technology projects, and oversee and input on enhancements to provisioning, recertification & Privileged Access Management processes
    • Understand IAM control requirements, standards and Technology control framework and translate them into architecture patterns and solution designs, to help advise project managers and developers across the business
    • Collaborate with Group IAM to review and advise on architectural designs and recommending IAM controls to be implemented into Group projects, to help ensure key identity risks are mitigated at the design phase
    • Maintain awareness of current and emerging security risks and the changing threat landscape and recommend mitigating solutions to Project Managers and Developers to help ensure security enhancement and controls are pro-actively applied
    • Support the development and maintenance of identity principles and building blocks and defining security architecture reference models to help ensure efficient application and risk mitigation across Group and business divisions
    • Assist in the evaluation and selection of identity management technology and products as defined in the security technology roadmap, to help ensure that the selected tooling aligns with Vocalink's control requirements
    • Review the configuration of existing systems or solutions and identify security issues which require a change to its configuration, provide improvement recommendations and escalate any potentials risks to help ensure security risks are pro-actively managed
    • Oversee vendors responsible for providing IAM tools and services and escalate any process deficiencies and remediation actions required to the IAM Manager to help ensure providers meet contractually defined Service Level Agreements (SLAs) required to manage Vocalink risk

    All About You
    • Track record of embedding security controls in a complex organisation
    • Relevant experience of working in a complex (preferably multi-national) stakeholder environment that includes complex customers and regulators.
    • Ability to articulate themselves clearly and concisely to a broad range of senior and junior stakeholders, acting as a bridge as well as guide for the implementation of new capabilities.
    • Strong influencing skills; organizationally savvy
    • Experience working with regulators (Bank of England supervision)
    • Experience of presenting and communicating at board level
    • Communication - requires effective communication skills - both written and oral - to deal with large diverse customer base (internal and external)
    • Problem solving - excellent analysis and deductive skills
    • Customer focus - passion for excellence
    • Ethics - strong personal and professional ethics
    • Highly motivated and conscientious individual
    • Embodies and demonstrates all of the brand values required by Vocalink and Mastercard
    • Ability to motivate, inspire and lead people effectively
    • Line manager and a team player - leads by example
    • Strategic thinker - able to develop and communicate direction
    • Commercially aware

    Corporate Security Responsibility

    All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

    • Abide by Mastercard's security policies and practices;
    • Ensure the confidentiality and integrity of the information being accessed;
    • Report any suspected information security violation or breach, and
    • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

    Why you should apply for a job to Mastercard:

  • 4.7/5 in supportive management
  • 69% say women are treated fairly and equally to men
  • 100% say the CEO supports gender diversity
  • Ratings are based on anonymous reviews by Fairygodboss members.