Senior Manager - Machine Identity & Authentication Security

Description This role provides enterprise leadership and deep technical expertise across authentication, PKI, and machine identity services. The position combines hands-on Venafi and PKI subject-matter expertise with strategic ownership of MFA and identity security platforms, driving operational maturity, risk reduction, and continuous improvement across hybrid and cloud environments. Responsibilities Enterprise Strategy & Governance Define and own the enterprise strategy and roadmap for MFA, PKI, and machine identity services Translate business and cyber risk into actionable identity security capabilities and investment priorities Establish standards, governance models, and architectural guardrails for authentication and cryptography Serve as a senior escalation authority for authentication- or certificate-related incidents Influence enterprise architecture, risk, and executive governance forums Venafi / PKI SME & Continuous Improvement Act as a subject-matter expert for Venafi Trust Protection Platform (TPP) , driving architectural, operational, and process improvements Lead certificate discovery, inventory, lifecycle governance, and automation initiatives Integrate Venafi with internal and public certificate authorities Reduce operational risk by eliminating manual certificate processes and certificate-related outages Enable certificate automation across cloud platforms, containers, and CI/CD pipelines Identify and remediate cryptographic technical debt and lifecycle risks Service Ownership & Delivery Management Lead multiple delivery teams or service towers supporting MFA, PKI, and Venafi-based platforms Own service KPIs, SLAs, availability targets, and operational maturity models Drive automation, standardization, and self-service capabilities across identity services Oversee capacity planning , vendor relationships, partner delivery, and client engagement Ensure consistent service quality across regions, platforms, and environments MFA & Authentication Platforms Define enterprise MFA and passwordless authentication strategies Govern authentication platforms such as Okta, Azure AD, and Duo Drive adoption of phishing-resistant authentication (e.g., FIDO2, device trust) Ensure secure integration with SaaS, on-prem, VPN, and cloud platforms Balance security controls with usability, productivity, and user experience Risk, Compliance & Assurance Ensure compliance with NIST, FIPS, ISO, PCI, SOX , and applicable regulatory frameworks Partner with GRC teams on control design, risk assessments, and audit evidence Lead authentication and certificate-related risk assessments Proactively reduce audit findings through governance, automation, and lifecycle controls People & Organizational Leadership Lead and develop managers, technical leads, and senior engineers Build talent pipelines and succession plans for identity security capabilities Coach leaders on technical depth, delivery excellence, and stakeholder engagement Foster a culture of ownership, accountability, and continuous improvement Requirements Experience & Leadership 6+ years of experience in cybersecurity, IAM, or identity-related domains 5+ years of hands-on experience with MFA, PKI, and certificate lifecycle management 3+ years in a leadership role managing managers, leads, or senior engineers Proven ownership of enterprise-scale identity or security services Core Technical Knowledge Strong understanding of authentication protocols (SAML, OIDC, OAuth, RADIUS) Deep knowledge of PKI architectures, cryptography, and certificate lifecycle management Experience managing machine identity risk and automation Familiarity with security and data governance best practices Preferred Technical Experience Venafi Trust Protection Platform (TPP) (strongly preferred) MFA platforms: Okta, Azure AD, Duo PKI technologies: AD CS, public CAs, HSMs Automation using PowerShell, Python, and REST APIs Cloud platforms: AWS, Azure, GCP Certificate automation in Kubernetes, CI/CD, and DevOps pipelines