Head of Identity and Access Management Services
New York Life Insurance Company ("New York Life" or "the company") is the largest mutual life insurance company in the United States*. Founded in 1845, New York Life is headquartered in New York City, maintains offices in all fifty states, and owns Seguros Monterrey New York Life in Mexico.
New York Life is one of the most financially strong and highly capitalized insurers in the business. The company reported 2016 operating earnings of $1.954 billion. Total assets under management at year end 2016, with affiliates, totaled $538 billion. As of year-end 2016, New York Life's surplus was $23.336 billion. New York Life holds the highest possible financial strength ratings currently awarded to any life insurer from all four of the major ratings agencies: A.M. Best, A++; Fitch AAA; Moody's Aaa; Standard & Poor's AA+. (Source: Individual Third Party Ratings Report as of 8/17/16).
Financial strength, integrity and humanity—the values upon which New York Life was founded—have guided the company's decisions and actions for over 170 years.
Under general direction of the CTSO, and in collaboration with the CISO, the head of Identity and Access Management Services is responsible for leading the technical design, development, implementation and management of the technology, systems and operation of an enterprise wide Identity and Access Management service which will support the needs and processes of the business units, the CISO office business units, as well as any support required to service external customers.
Specific areas of this functions responsibility include but are not limited to:
- Designing and implementing appropriate operational processes and controls which are aligned with key stakeholders and regulatory requirements to help assure that information created, acquired or maintained by NYL and its authorized users, is used in accordance with its intended purpose;
- Proactively identifying associated risks and protecting NYL's information and infrastructure from external / internal threats
- Lead the engineering, implementation and management of a shared service which covers:
- Identity Life Cycle Management
- Access Management
- Role and Rights Management
- Entitlement Review and Attestation (Audit & Assurance)
- Support of Identity & Access Analytics
- As one of the key stakeholders, you will provide appropriate consultancy and leadership in establishing policies, guidelines, standards, processes, procedures, best practices in support of the technology operation and Identity and Access management offering.
- You have successfully designed, engineered and implemented the consolidation of diverse Identity and Access management services spanning multiple platforms, directory architectures, authentication and access management services.
- You are prepared to lead the technical and operational design, implementation and management of an enterprise level Identity & Access Management (IAM) solution and shared service which addresses all critical Internal and external customer and business requirements. The solution will be the global foundation for all Identities and Access Management needs and integrate with external (e.g. Cloud and SaaS) and internal enterprise systems.
- You will align the IAM technology and operational strategy with the CISO Governance requirements, policies and processes as well as the overall business and Enterprise Architecture. This includes appropriate operational policies, procedures and governance considerations, IT change control, and IT risk and compliance management programs.
- As leader of the technical IAM solution and service, you are also responsible for the appropriate technology support of the Risk and Governance processes established by the CISO office and the technical support of regular access reviews and attestations as well as the technical support of Internal and External Audit requests (IT Controls).
- You will effectively lead, develop and mentor teams of Information Security professionals as well as contractors, vendors and services providers.
- In collaboration with the CISO and internal audit, you will support the continued development of appropriate criteria to assess processes, applications, and technology infrastructure elements for compliance with enterprise information security, risk management, and regulatory standards
- Seasoned leader of global professionals and cross functional teams, who can attract, develop and retain top talent in the field.
- Direct experience leading the design, implementation and management of Information Security solutions and services for a global corporation (Fortune 1000)
- Ability to deal with ambiguity very dynamic and high speed and complex business environment.
- 15 years of leadership experience in the information security field with specific demonstrated success in the IAM domain and related process design.
- Excellent understanding and broad knowledge of all IT Architecture, Operations, Information Security & Risk Management, strategic planning and the related tactical initiatives needed to achieve the plan.
- Bachelor's degree; concentration in Computer Science, Management Information System, or equivalent Business experience desired Sound understanding of financial management and departmental budgeting required
- Demonstrated ability to serve as a respected member of a senior management team and effectively communicate security-related concepts to a broad range of technical and non-technical management and staff, including executive management.
- Demonstrated ability to meet objectives, deliver quality results in a high performance environment
- Excellent skills interacting and mediating sensitive situations at all levels of the organization and with external customers and auditors.
- Ability to easily defuse critical situations and manage escalations appropriately.
- Ability to communicate effectively both orally and in writing; ability to communicate with customers, associates and management in a cross functional matrix organization; solid teamwork and interpersonal skills
- Strong presentation skills; ability to present and discuss business issues, strategies as well as technical information in a manner that establishes rapport, persuades others, and gains understanding at all levels of the organization.
- Good business and financial planning, analytical, and conceptual skills to evaluate business risks and apply knowledge to identify appropriate solutions
- Solid project management skills including the ability to effectively deploy resources and manage multiple projects of various diverse scope in a matrix and cross-functional environment
- Solid knowledge of information security principles and practices
- Excellent interpersonal, communication and collaboration skills to successfully interact and influence employees and key business partners and providers at all levels
- Excellent track record communicating, managing complex projects and influencing others, in a diversified and international matrix organization. Adept at proposing, implementing and managing change while prepared to question the "Status Quo"
- High level of personal integrity with the ability to professionally handle highly sensitive and confidential situations with Executives, Customers and 3rd parties
- Certification in Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP) and/or equivalent business experience in a matrix Organization desired
If you have difficulty using or interacting with any portions of this Web site due to incompatibility with an Assistive Technology, if you need the information in an alternative format, or if you have suggestions on how we can make this site more accessible, please contact us at: (212) 576-5811.
- Based on revenue as reported by "Fortune 500, ranked within Industries, Insurance: Life, Health (Mutual)," Fortune Magazine, June 17, 2016. See http://fortune.com/fortune500/ for methodology.
Total surplus, which includes the Asset Valuation Reserve, is one of the key indicators of the company's long-term financial strength and stability and is presented on a consolidated basis of the company.
Operating earnings is the key measure use by management to track Company's profitability from ongoing operations and underlying profitability of the business. This indicator is based on generally accepted accounting principles in the US (GAAP), with certain adjustments Company believes to be appropriate as a measurement approach (non GAAP), primarily the removal of gains or losses on investments and related adjustments.
- Assets under management represent Consolidated Domestic and International insurance Company Statutory assets (cash and invested assets and separate account assets) and third party assets principally managed by New York Life Investment management Holdings LLC, a wholly owned subsidiary of New York Life Insurance Company.
Meet Some of New York Life Technology's Employees
HR Business Partner
As an HR Business Partner to New York Life's Technology Team, Chester is a valued partner who delivers services to support the team's objectives and employees.
Back to top