HireHireConfluent jobs › Staff Security Risk & Compliance Program Manager - Access Management

Staff Security Risk & Compliance Program Manager - Access Management

Apply for this role or explore on the map →

We’re not just building better tech. We’re rewriting how data moves and what the world can do with it. With Confluent, data doesn’t sit still. Our platform puts information in motion, streaming in near real-time so companies can react faster, build smarter, and deliver experiences as dynamic as the world around them. It takes a certain kind of person to join this team. Those who ask hard questions, give honest feedback, and show up for each other. No egos, no solo acts. Just smart, curious humans pushing toward something bigger, together. One Confluent. One Team. One Data Streaming Platform. About the Role: We are seeking a highly motivated and experienced Staff Security Risk & Compliance Program Manager - Access Management to join our Trust & Security team. This senior role owns Confluent's internal access management program and leads its evolution toward machine and workload identity — service-to-service (S2S) authentication, non-human identity (NHI), and access controls for AI agents — as the next frontier of least-privilege security for the Confluent Cloud platform. You will be the horizontal owner of how Confluent governs access : the Access Management Standard, access metrics, and the executive reporting cadence. As access operations are distributed across partner functions, you will hold the policy, risk, and measurement line so Confluent maintains one coherent access posture rather than fragmented silos. What You Will Do: Strategy and Leadership: Own the strategic direction and roadmap for Confluent's internal access management program, with machine and workload identity as the durable center of gravity. Drive the program's maturity model from control-building toward sustained governance and least-privilege outcomes. Machine & Workload Identity: Lead the program to enforce service-to-service (S2S) authentication across Trust & Security-owned surfaces, taking ownership of the enforcement hand-off from the identity engineering team. Formalize non-human identity (NHI) — service accounts, keys, and workload credentials — from pilot into a funded, governed program. Stand up access controls for AI agents as agentic workloads acquire production access. Access Governance & Standards: Own the Access Management Standard and the policies that operationalize least privilege, separation of duties, and periodic access review across human and machine access. Ensure the standard keeps pace with the evolving access surface and remains audit-ready. Metrics, Reporting & Governance Cadence: Own access metrics and reporting (e.g., JIT/unilateral-access volume, broad-privilege usage, prod-access reduction). Define and track program OKRs and run the monthly execution and executive-review cadence, articulating risk posture and progress to senior leadership. Cross-Functional Execution & Transitions: Drive cross-functional delivery with engineering, platform, and identity teams without direct authority. Integration with GRC and Partner Functions: Ensure the access management program is tightly integrated with adjacent GRC domains and partner teams (Insider Threat, IT/Identity, Detection & Response, and engineering owners), with clear RACI across governance and operations. What You Will Bring: Experience : 8+ years in security program management, identity & access management, or a closely related security discipline, with at least 3 years running an enterprise- or platform-scale access program in a technology company. Technical Skills : Deep expertise in identity and access management concepts: least privilege, separation of duties, RBAC/ABAC, just-in-time (JIT) and privileged access management (PAM), and access review/certification. Working knowledge of machine and workload identity — service-to-service authentication, non-human identity, service accounts, secrets/key management, and emerging AI-agent access patterns. Strong security engineering fundamentals across cloud infrastructure security controls in GCP, AWS, and/or Azure, including Kube

More roles at Confluent

See Confluent & thousands more on the map

Every tech & IT company hiring across India — with AI match scores — on one live map.

Open the map →