Cyber Assurance & Reporting Specialist

As a leading regional bank, SouthState has been providing financial solutions to individuals, families, and businesses in the Southeast for more than 100 years. SouthState team members strive to create remarkable experiences while building meaningful and lasting relationships. We are proud to be a reflection of the communities we serve, and our team members share core values that make SouthState a great place to bank, and a great place to work.

SUMMARY/OBJECTIVES

The Cyber Assurance & Reporting Specialist will be responsible for overseeing user access reviews, governing identity and access management (IAM) policies, and managing key projects to enhance the Bank’s security posture. The ideal candidate will possess in-depth technical knowledge of IAM principles, strong leadership skills, and the ability to manage complex initiatives across the enterprise.

ESSENTIAL FUNCTIONS

This position is expected to perform the specific duties, tasks, and responsibilities as outlined below:

• Identity & Access Governance: Oversee the organization’s identity governance framework, ensuring adherence to best practices, security policies, and compliance requirements.

• User Access Reviews: Conduct and lead periodic user access reviews across systems, applications, and platforms, ensuring alignment with role-based access controls (RBAC) and least-privilege principles.

• Policy Development & Enforcement: Define and enforce IAM policies, processes, and standards to protect sensitive data and ensure compliance with regulatory frameworks.

• Project Leadership: Lead IAM-related projects, from planning and scoping to execution and delivery, ensuring timely completion of milestones and objectives.

• Stakeholder Collaboration: Work closely with cross-functional teams, including IT, security, HR, and business units, to ensure that identity and access management aligns with business objectives and regulatory requirements.

• Risk Management: Assess IAM-related risks and vulnerabilities, recommend appropriate mitigation strategies, and ensure that access controls are maintained in high-risk areas.

• Audit Support: Serve as the primary point of contact for internal and external audits related to IAM. Ensure that all required documentation, controls, and evidence are maintained and easily accessible for audit purposes.

• Access Control Monitoring: Ensure continuous monitoring of user access, identifying and addressing any anomalies, suspicious activity, or policy violations.

• Technical Oversight: Provide technical expertise in areas such as user provisioning, authentication protocols (e.g., MFA, SSO), and privileged access management (PAM).

• Mentorship & Leadership: Mentor junior staff members and line of business partners, providing guidance on IAM best practices and governance processes.

• Continuous Improvement: Stay current with emerging IAM technologies, trends, and regulatory changes, proactively suggesting improvements to the organization’s identity governance model

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

COMPETENCIES

• Extensive experience with IAM tools and platforms (e.g., SailPoint, Okta, Active Directory, CyberArk).

• Strong understanding of identity governance frameworks, RBAC, privileged access management (PAM), and security best practices.

• Proven experience leading IAM governance projects from conception to delivery.

• Deep knowledge of compliance frameworks (e.g., SOX, GDPR) and their implications on IAM governance.

• Strong technical skills in authentication protocols, user provisioning workflows, and directory services.

• Demonstrated ability to manage complex IAM initiatives and collaborate with diverse stakeholders, both technical and non-technical.

• Excellent communication, presentation, and problem-solving skills.

Qualifications, Education, and Certification Requirements

• Education:

  • Bachelor’s degree in computer science, Information Systems, or related field.

  • Associate’s degree and five years’ experience in security operations/administration, finance, audit, controls, and/or risk management or a minimum of ten or more years’ experience in security operations/administration, finance, audit, controls and/or risk management.

• Experience: An equivalent of five (5) years’ work experience may be considered

WORK ENVIRONMENT

Telecommuting roles, no matter if hybrid or 100% full time telecommuting must have a secure home office environment that is free from background noise and distractions. They must also have a reliable private internet connection that is not supplied by use of cellular data (hot spot). Cable or fiber connections are preferred. Requirements are subject to change, as new systems and technology is delivered.

TRAVEL

Travel may be required to come to meetings as needed.

Benefits | SouthState Careers