Sr Identity Access Management - CyberArk Administrator - Remote

Introduction

SitusAMC is where the best and most passionate people come to transform our client’s businesses and their own careers. Whether you’re a real estate veteran, a passionate technologist, or looking to get your start, join us as we work together to realize opportunities for everyone, we proudly serve.

About the Role

At SitusAMC, we are looking to match your unique experience with one of our amazing careers, so that we can help you realize your potential and career growth within the Real Estate Industry. If you are someone who can be yourself, advocate for others, stay nimble, dream big, own every outcome, and think global but act local – come join our team!

Responsibilities

This role is responsible for overseeing the strategy, implementation, and governance of identity and access management across corporate and client environments. This role ensures secure, complaint, and efficient access to systems and applications, safeguarding critical assets and data. The AVP will lead initiatives to strengthen identity security, enforce access controls, and maintain compliance with organizational and regulatory standards.

Essential Job Functions

• Define and maintain the IAM strategy, roadmap, and reference architecture covering workforce, privileged, non-human, and application identities.
• Champion Zero Trust principles—strong authentication, continuous evaluation, least privilege, and just-in-time access.
• Align IAM programs with enterprise security architecture, cloud adoption, data protection, and digital transformation initiatives.
• Establish governance for identity lifecycle, access policies, and compliance with internal standards and external regulations (SOX, HIPAA, PCI DSS, GDPR, ISO 27001).
• Own joiner–mover–leaver (JML) processes and ensure accurate, timely provisioning and deprovisioning integrated with HRIS and directories.
• Implement and maintain RBAC/ABAC models, role mining, segregation of duties (SoD), and toxic combination controls.
• Govern federation standards (SAML, OIDC/OAuth2), app onboarding, token lifecycles, and session management.
• Optimize user experience while maintaining security for workforce, partners, and service accounts.
• Enforce least privilege, credential vaulting, session recording, and JIT elevation for admins and high-risk roles.
• Govern break-glass procedures and reduce standing privileges across servers.