Note: The job is a remote job and is open to candidates in USA. Confluent is a company focused on redefining data movement and its applications. They are seeking a highly motivated Staff Security Risk & Compliance Program Manager - Access Management to lead the internal access management program, focusing on machine and workload identity along with access governance and standards.
Responsibilities
- Own the strategic direction and roadmap for Confluent's internal access management program, with machine and workload identity as the durable center of gravity
- Drive the program's maturity model from control-building toward sustained governance and least-privilege outcomes
- Lead the program to enforce service-to-service (S2S) authentication across Trust & Security-owned surfaces, taking ownership of the enforcement hand-off from the identity engineering team
- Formalize non-human identity (NHI) — service accounts, keys, and workload credentials — from pilot into a funded, governed program
- Stand up access controls for AI agents as agentic workloads acquire production access
- Own the Access Management Standard and the policies that operationalize least privilege, separation of duties, and periodic access review across human and machine access
- Ensure the standard keeps pace with the evolving access surface and remains audit-ready
- Own access metrics and reporting (e.g., JIT/unilateral-access volume, broad-privilege usage, prod-access reduction)
- Define and track program OKRs and run the monthly execution and executive-review cadence, articulating risk posture and progress to senior leadership
- Drive cross-functional delivery with engineering, platform, and identity teams without direct authority
- Ensure the access management program is tightly integrated with adjacent GRC domains and partner teams (Insider Threat, IT/Identity, Detection & Response, and engineering owners), with clear RACI across governance and operations
Skills
- 8+ years in security program management, identity & access management, or a closely related security discipline, with at least 3 years running an enterprise- or platform-scale access program in a technology company
- Deep expertise in identity and access management concepts: least privilege, separation of duties, RBAC/ABAC, just-in-time (JIT) and privileged access management (PAM), and access review/certification
- Working knowledge of machine and workload identity — service-to-service authentication, non-human identity, service accounts, secrets/key management, and emerging AI-agent access patterns
- Strong security engineering fundamentals across cloud infrastructure security controls in GCP, AWS, and/or Azure, including Kubernetes and cloud control-plane access models
- Familiarity with identity platforms and access tooling (e.g., Okta, JIT/access-orchestration tooling) and how access controls are enforced in production
- Experience integrating access processes, controls, or findings into GRC and access-orchestration platforms, and a bias toward automating access decisions over manual operations
- Strong project management and organizational skills
- Exceptional analytical and problem-solving skills, with a data-driven approach to decision-making
- Experience running long-term, complex security programs that deliver iterative, measurable risk reduction
- Excellent written and verbal communication, with the ability to influence and lead without direct authority across engineering and security teams
- Ability to articulate complex technical concepts and program status to executive-level audiences and technical teams alike
Benefits
- Offers Equity
- REMOTE
Company Overview
Company H1B Sponsorship