Sr Director, Identity Access Management and Data Protection

Company

Cox Automotive - USA

Job Family Group

Information Technology

Job Profile

Sr Director, Cybersecurity

Management Level

Sr Director

Flexible Work Option

Hybrid - Ability to work remotely part of the week

Travel %

Yes, 25% of the time

Work Shift

Day

Compensation

Compensation includes a base salary of $171,800.00 - $286,400.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate’s knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.

Job Description

The Senior Director of Identity and Access Management (IAM) and Data Protection will define and execute the vision and forward-thinking strategy for Cox Automotive’s IAM program globally, aligning it with both enterprise and product business objectives.  This leader will also establish policies and guardrails for end user collaboration and data sharing in today’s hybrid combination of on-premise and cloud based collaboration tools. This role requires a deep understanding of cybersecurity principles, industry best practices, and emerging technologies to ensure the security and integrity of our organization's digital assets.    

This role will directly report to the Chief Information Security Officer of Cox Automotive.  

Responsibilities

• Develop, socialize, and gain alignment on an overall Identity and Access Management (IAM) strategy and framework that includes workforce identity, customer identity, authentication, and privileged access management.
• Partner with operational teams to define requirements, guardrails, and operating standards for workforce identity (including cloud IAM), customer identity, authentication/centralized identity providers, and privileged access management (both on-premise and cloud).
• Effectively communicate IAM and Zero Trust concepts and strategies to non-technical partners, fostering a shared understanding of security and identity principles for workforce identity, customer identity, authentication and privileged access management.
• Establish and implement IAM policies, standards, and procedures, ensuring compliance with applicable laws, regulations, customer expectations, and relevant security frameworks.
• Monitor developments in the IAM security industry including vendor strategies and roadmaps and continuously assess and enhance IAM policies, procedures, and technologies to adapt to evolving threats and business needs.
• Lead the evaluation and potential selection and implementation of emerging technologies and cutting-edge IAM solutions that may replace existing solutions or bring compelling new capabilities to the environment.
• Define appropriate IAM security metrics and provide regular and consolidated reporting to the senior leadership team.
• Establish and implement policies and standards for unstructured data collaboration for end users, including tagging, sharing controls, and zero trust approach to remote access to data based on risk. 
• Continually assess and monitor features in key collaboration tools like M365 and Slack and partner with operational teams to ensure that new features are deployed securely and within established policy guardrails.
• Hire, train, motivate, guide, grow and develop direct reports and employees. Ensure a participative/engaged work environment that will attract and maintain a workforce of talented and satisfied employees.
• Identify, propose, and influence business solutions, negotiate deliverables and requirements across multiple business customers or organizations.
• Analyze and manage capital and expense budgets.
• Oversee and lead contract negotiations and vendor management.
• Represent the business in key industry groups.

Minimum Qualifications

• Bachelor’s degree in a related discipline and 14 years’ experience in a related field. The right candidate could also have a different combination, such as a master’s degree and 12 years’ experience; a Ph.D. and 9 years’ experience in a related field; or 18 years’ experience in a related field
• 10+ years of experience required in the field of information security with a demonstrated path of increasing scope and management responsibilities.
• 5+ years of experience in IAM leadership roles with a track record of building high-performing teams, a strong background in risk management, and driving innovation across the Identity and Access Management discipline
• Strong understanding of IAM principles, technologies, and standards, including LDAP, SAML, OIDC, OAuth, PKI, FIDO2, and IAM frameworks (e.g., SailPoint, Okta, EntraID).
• In-depth knowledge of authentication mechanisms, access control models, and identity governance principles for both on-premise and cloud based infrastructure and services.
• Ability to make strategic decisions, supervise complex programs, manage, and educate highly skilled professionals, and manage other departments relating to IAM and data protection. 
• Solid, pragmatic business acumen, proven record of creatively solving problems, and offering solutions.
• Consultative nature to work through controversial or complex topics to employees, leaders, and/or top management.
• Ability to manage multiple complex projects while meeting deadlines and managing leaders of teams to achieve optimal results.
• Develop strong and productive working environment with key stakeholders and collaborate closely with other Cox entities’ security teams to implement security best practices.  
• Excellent customer service skills, writing and executive presentation skills.
• Relevant industry certification: CISSP, CISM, CISA, etc.

Preferred Qualifications

• Advanced degree (MBA / MS)
• 5+ years of experience in a senior management role.
• Experience in customer identity programs for large scale software products and services.

Drug Testing

To be employed in this role, you’ll need to clear a pre-employment drug test. Cox Automotive does not currently administer a pre-employment drug test for marijuana for this position. However, we are a drug-free workplace, so the possession, use or being under the influence of drugs illegal under federal or state law during work hours, on company property and/or in company vehicles is prohibited.

Benefits

The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company’s needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, parental leave, and COVID-19 vaccination leave.

About Us

Through groundbreaking technology and a commitment to stellar experiences for drivers and dealers alike, Cox Automotive employees are transforming the way the world buys, owns, sells – or simply uses – cars. Cox Automotive employees get to work on iconic consumer brands like Autotrader and Kelley Blue Book and industry-leading dealer-facing companies like vAuto and Manheim, all while enjoying the people-centered atmosphere that is central to our life at Cox. Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, visit our benefits page. Cox is an Equal Employment Opportunity employer – All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law. Cox provides reasonable accommodations when requested by a qualified applicant or employee with disability, unless such accommodations would cause an undue hardship.