Staff Security Risk & Compliance Program Manager - Access Management

This listing is synced directly from the company ATS.

Role Overview

As a Staff Security Risk & Compliance Program Manager, you will own Confluent's internal access management program, focusing on machine and workload identity, non-human identity, and AI agent access controls. You will set strategy, drive cross-functional execution, and report on access posture to senior leadership, ensuring least-privilege security across the Confluent Cloud platform.

Perks & Benefits

This is a remote position with flexibility to work across time zones. Confluent offers a collaborative culture with a focus on belonging and diversity. Career growth opportunities include leading a high-impact security program and influencing company-wide security posture. Typical tech benefits like health insurance, equity, and professional development support are implied.

Full Job Description

We’re not just building better tech. We’re rewriting how data moves and what the world can do with it. With Confluent, data doesn’t sit still. Our platform puts information in motion, streaming in near real-time so companies can react faster, build smarter, and deliver experiences as dynamic as the world around them.

It takes a certain kind of person to join this team. Those who ask hard questions, give honest feedback, and show up for each other. No egos, no solo acts. Just smart, curious humans pushing toward something bigger, together.

One Confluent. One Team. One Data Streaming Platform.

About the Role:

We are seeking a highly motivated and experienced Staff Security Risk & Compliance Program Manager - Access Management to join our Trust & Security team. This senior role owns Confluent's internal access management program and leads its evolution toward machine and workload identity — service-to-service (S2S) authentication, non-human identity (NHI), and access controls for AI agents — as the next frontier of least-privilege security for the Confluent Cloud platform.

You will be the horizontal owner of how Confluent governs access: the Access Management Standard, access metrics, and the executive reporting cadence. As access operations are distributed across partner functions, you will hold the policy, risk, and measurement line so Confluent maintains one coherent access posture rather than fragmented silos.

What You Will Do:

  • Strategy and Leadership: Own the strategic direction and roadmap for Confluent's internal access management program, with machine and workload identity as the durable center of gravity. Drive the program's maturity model from control-building toward sustained governance and least-privilege outcomes.

  • Machine & Workload Identity: Lead the program to enforce service-to-service (S2S) authentication across Trust & Security-owned surfaces, taking ownership of the enforcement hand-off from the identity engineering team. Formalize non-human identity (NHI) — service accounts, keys, and workload credentials — from pilot into a funded, governed program. Stand up access controls for AI agents as agentic workloads acquire production access.

  • Access Governance & Standards: Own the Access Management Standard and the policies that operationalize least privilege, separation of duties, and periodic access review across human and machine access. Ensure the standard keeps pace with the evolving access surface and remains audit-ready.

  • Metrics, Reporting & Governance Cadence: Own access metrics and reporting (e.g., JIT/unilateral-access volume, broad-privilege usage, prod-access reduction). Define and track program OKRs and run the monthly execution and executive-review cadence, articulating risk posture and progress to senior leadership.

  • Cross-Functional Execution & Transitions: Drive cross-functional delivery with engineering, platform, and identity teams without direct authority.

  • Integration with GRC and Partner Functions: Ensure the access management program is tightly integrated with adjacent GRC domains and partner teams (Insider Threat, IT/Identity, Detection & Response, and engineering owners), with clear RACI across governance and operations.

What You Will Bring:

  • Experience: 8+ years in security program management, identity & access management, or a closely related security discipline, with at least 3 years running an enterprise- or platform-scale access program in a technology company.

  • Technical Skills:

    • Deep expertise in identity and access management concepts: least privilege, separation of duties, RBAC/ABAC, just-in-time (JIT) and privileged access management (PAM), and access review/certification.

    • Working knowledge of machine and workload identity — service-to-service authentication, non-human identity, service accounts, secrets/key management, and emerging AI-agent access patterns.

    • Strong security engineering fundamentals across cloud infrastructure security controls in GCP, AWS, and/or Azure, including Kubernetes and cloud control-plane access models.

    • Familiarity with identity platforms and access tooling (e.g., Okta, JIT/access-orchestration tooling) and how access controls are enforced in production.

  • Tooling and Automation: Experience integrating access processes, controls, or findings into GRC and access-orchestration platforms, and a bias toward automating access decisions over manual operations.

  • Program Management Skills:

    • Strong project management and organizational skills.

    • Exceptional analytical and problem-solving skills, with a data-driven approach to decision-making.

    • Experience running long-term, complex security programs that deliver iterative, measurable risk reduction.

  • Communication and Collaboration Skills:

    • Excellent written and verbal communication, with the ability to influence and lead without direct authority across engineering and security teams.

    • Ability to articulate complex technical concepts and program status to executive-level audiences and technical teams alike.

Ready to build what's next? Let’s get in motion.

Come As You Are

Belonging isn’t a perk here. It’s the baseline. We work across time zones and backgrounds, knowing the best ideas come from different perspectives. And we make space for everyone to lead, grow, and challenge what’s possible.

We’re proud to be an equal opportunity workplace. Employment decisions are based on job-related criteria, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by law.

Privacy Statement

Confluent is an IBM subsidiary which has been acquired by IBM and will be integrated into the IBM organization. By proceeding with this application, you understand that Confluent will share your personal information with other IBM affiliates involved in your recruitment process, wherever these are located. More Information on how IBM protects your personal information, including the safeguards in case of cross-border data transfer, are available here.

Similar jobs

Found 6 similar jobs