
Identity & Access Governance Lead

OneAZ Credit Union
Posted a day ago, valid for 17 days
Location

Phoenix, AZ 85001, US

Salary

Competitive

Contract type

Full Time

Paid Time Off
Tuition Reimbursement


Join Us in Making an Impact ✨

At OneAZ Credit Union, our success is measured only by yours. We’re here to create lasting change in the lives of our members, our communities, and our team. If you're looking for a career with purpose, where your work truly matters—you've found it! 

  

Who You Are 

You’re impactful, compassionate, and fearless, ready to embrace new challenges and shape the future of financial well-being. You take accountability for our success and thrive in an environment where curiosity is celebrated. If this sounds like you, let’s build something great together. 

  

What You’ll Do 

This role is primarily a hybrid position tied to our Corporate Office at 2355 W Pinnacle Peak Rd, Phoenix, AZ 85027. 


The Identity & Access Governance Lead is responsible for establishing, overseeing, and continuously improving the credit union’s Identity and Access Management (IAM) governance framework as a Second Line of Defense (2LoD) function. This role provides independent oversight of IAM controls, access risk, and compliance across the enterprise, with a primary focus on governance, assurance, and control effectiveness rather than day-to-day operational administration.

The position partners closely with First Line of Defense (1LoD) IT and business teams to govern role-based access models, ensure ongoing access reviews, and validate that identity lifecycle controls, including provisioning and deprovisioning, are designed and operating effectively across Microsoft Active Directory, Microsoft Entra, Microsoft 365, and critical business applications.

This role plays a key part in regulatory readiness, audit support, and IAM maturity, while maintaining appropriate separation from operational execution.


IAM Governance & Second Line Oversight

  • Serve as the 2LoD authority for IAM governance, providing independent oversight of access controls, identity lifecycle processes, and role management practices.
  • Assess the design and operating effectiveness of IAM controls implemented by the 1LoD, including access provisioning, deprovisioning, and periodic access certifications.
  • Develop, review, and maintain IAM governance documentation, including policies, standards, control requirements, and access review methodologies.
  • Ensure IAM governance practices align with internal risk management standards and regulatory frameworks such as FFIEC, GLBA, and NIST.

Role-Based Access Control (RBAC) Governance

  • Partner with 1LoD teams to define, review, and govern role-based access control (RBAC) models for:
    • Microsoft Active Directory
    • Microsoft Entra (Azure AD)
    • Critical and high-risk business applications
  • Validate role definitions and entitlement mappings to ensure adherence to least privilege and segregation of duties (SoD) principles.

User Access Reviews & Certifications

  • Lead and oversee ongoing user access reviews across the Microsoft environment and designated critical applications.
  • Analyze access and entitlement data to identify anomalies, inappropriate access, and control deficiencies.
  • Ensure timely completion, documentation, and evidence retention of access reviews to support audit and regulatory examinations.

Provisioning & Deprovisioning Governance

  • Provide governance oversight and control requirements for automated provisioning and deprovisioning processes.
  • Partner with 1LoD teams to define access lifecycle standards for joiners, movers, and leavers (JML).
  • Assist with requirements definition, risk assessment, and control design for the build-out or enhancement of provisioning and deprovisioning tooling, while maintaining separation from operational execution.

Risk, Audit & Regulatory Support

  • Act as a key IAM governance contact for internal audit, external audit, and regulatory examinations.
  • Provide access governance evidence, control documentation, metrics, and issue tracking.
  • Identify IAM-related risks and control gaps, and partner with stakeholders to drive remediation.
  • Develop and maintain IAM risk and control reporting for executive and risk leadership.

Metrics, Reporting & Continuous Improvement

  • Define and maintain IAM governance metrics related to access reviews, role health, provisioning effectiveness, and control compliance.
  • Provide regular reporting to the CISO and relevant risk committees.
  • Identify opportunities to improve IAM governance maturity, automation, and risk reduction.
  • Stay current on evolving IAM technologies, identity governance practices, and regulatory expectations.


What You Bring

  • H.S. Diploma Required
  • Bachelor's Degree in Information Security, Computer Science, Information Systems, or a related field Required.
  • 5-8 years of similar or related experience in IAM, IT Risk, or IT Compliance, including governance or oversight responsibilities Required.
  • Experience in financial services or regulated industries and familiarity with Microsoft Active Directory, Entra, Microsoft 365, and IAM tooling (access certification, RBAC, provisioning) Preferred.
  • Strong understanding of IAM governance principles, including RBAC, least privilege, segregation of duties, and access lifecycle management.
  • Ability to independently assess control effectiveness and articulate access risk.
  • Strong analytical skills with the ability to interpret complex entitlement data.
  • Excellent written and verbal communication skills, including audit- and regulator-facing documentation.
  • Ability to influence and partner effectively with 1LoD teams without direct authority.
  • High attention to detail and strong accountability mindset.
  • Licenses and Certifications
    • Certified Identity and Access Manager (CIAM)
    • Certified Identity and Access Professional (CIAP)
    • CISSP or equivalent industry certification


Compensation & Benefits 

  • Generous paid time off: paid holidays, floating holidays, personal days, vacation days, plus sick time
  • Low-cost Medical, Dental & Vision plans 
  • Paid childcare assistance
  • Award-winning 401K
  • Gym fee reimbursement 
  • Tuition Reimbursement 
  • Student loan repayment
  • ...and much more. Explore all the details in our comprehensive Benefits Booklet
  • Target hiring range $97,000 - $120,800 USD (Depending on experience and prior to any incentives this position is eligible for)


Why Join OneAZ?

At OneAZ, we’re not just a credit union; we’re a financial trailblazer that passionately cares about inspiring dreams and driving prosperity in the communities we serve. We exist to clear the way for dreamers and doers, aspiring to be the bank for new pioneers. 


We are driving change in our communities, constantly improving our products and services so our members and their families can relentlessly pursue their dreams. By embodying our values and living our promise, you’ll be part of a team committed to exceeding expectations and redefining what’s possible. 



Additional Notes: 

Knowingly submitting false information will result in disqualification for consideration of future positions, termination of employment and forfeiture of other rights. Candidates for this position will be required to sign an authorization for OneAZ to conduct a credit and criminal background check, pursuant to procedures in the Fair Credit Reporting Act and any other applicable laws. All candidates will be considered for this position on an individualized basis, in compliance with all applicable equal employment opportunity laws. Ensures compliance with applicable policies, laws, and regulations, including the Bank Secrecy Act (BSA), Anti-Money Laundering (AML) compliance, USA Patriot Act, and Office of Foreign Assets Control (OFAC). As applicable, any individual who meets the definition of a mortgage loan originator (MLO) and is employed by a federal agency-regulated institution will need to be registered on the Nationwide Mortgage Licensing System (NMLS). This job description should not be considered all-inclusive. It is merely a guide of expected duties. The associate understands that the job description is neither complete, nor permanent and may be modified at any time. At the request of their supervisor, an associate may be asked to perform additional duties or take on additional responsibilities without notice. Complies with all policies and standards. Position grades could fluctuate based on market value.





