What are the responsibilities and job description for the AVP, Identity and Access Management position at Fortitude Re?
Fortitude Reinsurance Company Ltd. (Fortitude Re) is one of the world's leading providers of legacy reinsurance solutions. They work with the world's leading insurance companies to help them execute comprehensive, transformational solutions for legacy Life & Annuity and P&C lines. Fortitude Re manages a general account of approximately $111 billion across life, annuity, and property & casualty insurance products. The company takes a long-term view on growth and is proud to be backed by a consortium of sophisticated institutional investors led by The Carlyle Group and T&D Insurance Group. Incorporated under the laws of Bermuda on January 1, 2017, Fortitude Re's roots in the insurance industry and the experience of their leadership go back many decades. Fortitude Re's leadership team has an average industry tenure of over 20 years, and an impressive track record of successfully managing the most complex legacy liabilities. Their deep insurance experience and proprietary risk modeling capabilities allow them to structure bespoke transactions that benefit both insurance companies and their policyholders. Fortitude Re continues to strengthen its ability to pursue further growth and provide innovative solutions for the global insurance industry. Click here for more information about Fortitude Re.
The AVP of Identity Access Management will lead the design, implementation, and maintenance of the organization's Identity Access Management program. This leadership role will drive key IAM strategies, ensuring the security and operational efficiency of access management practices across the organization. The ideal candidate will leverage their expertise to enhance IAM governance, support compliance initiatives, and establish robust controls that protect organizational assets and align with regulatory standards.
What You Will Do:
Develop and implement the IAM strategy, with a strong emphasis on access control, lifecycle management, and role-based access across the organization. Lead the IAM program's alignment with organizational goals and regulatory requirements.
Manage the IAM setup, including integration with core systems, role management, and user access provisioning.
Design, implement, and manage custom transforms and rules within IAM system to address unique business needs and complex use cases. Develop and maintain logic to support access certification, provisioning workflows, and role-based access controls, ensuring data accuracy and alignment with security policies.
Lead initiatives in role mining and access reviews, utilizing IAM system's tools to streamline access control, optimize entitlements, and support compliance efforts.
Manage and enhance the privileged access management (PAM) framework, focusing on privileged account protection, session monitoring, and secure vaulting. Guide the PAM strategy to reduce risk exposure related to privileged credentials.
Collaborate with risk and compliance teams to ensure IAM policies and processes meet regulatory standards and industry best practices. Develop controls and reporting mechanisms to monitor IAM policy compliance, identifying potential risks and remediation actions.
Identify and implement IAM process improvements, including automation for access provisioning and deprovisioning, monitoring, and reporting. Ensure processes are scalable and resilient to support current and future business needs.
Partner with relevant internal stakeholders to understand access requirements and ensure seamless collaboration on IAM initiatives. Act as the primary point of contact for IAM-related inquiries and escalations.
Support incident response efforts for IAM-related security events, providing expertise in access controls, breach containment, and root cause analysis. Coordinate with the cybersecurity team to develop IAM-centric threat detection and response capabilities.
What You Will Have:
Bachelor's degree in Information Technology, Cybersecurity, or a related field; Master's degree preferred.
Minimum of 7 years of experience in Identity Access Management. Demonstrated expertise in industry recognized IAM and PAM tools is required.
Extensive experience with IAM systems, including implementation, configuration, custom transforms and rules, role management, and access certifications.
Deep understanding of PAM system capabilities, including secure credential vaulting, PAM workflows, and session management.
Strong background in IAM frameworks, policies, and regulatory compliance (e.g., SOX, GDPR).
Experience with API integrations, cloud environments, and scripting for process automation (e.g., Python, PowerShell) is a plus.
Preferred Certifications:
CISSP, CISM, or CRISC
IAM and PAM system certifications
LI-Hybrid
At Fortitude Re, our strength has always come from our people. Our success is deeply rooted in our ability to embrace the unique attributes, perspectives and experiences of every individual within our company. Fostering a culture of inclusion and belonging where everyone—regardless of background, race, religion, sexual orientation or gender identity—feels valued and respected is a foundation of our culture.
We are committed to being an equal opportunity employer and evaluate qualified applicants without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, diversity of thought and any other characteristic protected by applicable law.
To all recruitment agencies: Unless you have been requested to work on this position, or other positions with Fortitude Re, please do not forward any resumes to Fortitude Re employees. Fortitude Re is not responsible for any fees related to unsolicited resumes.
Check us out on YouTube: About Fortitude Re (youtube.com)
