about 5 hours ago

Data Protection Operations Lead

Canada

$102,000-$128,000 / year

full-timesenior Remotehospitality

Tech Stack

Description

You will drive operational excellence and innovation in access management, designing and maintaining provisioning frameworks, collaborating with engineering to optimize permission models, and leading cross-functional initiatives to advance privacy and data protection for Airbnb's Community Support teams.

Requirements

  • 8+ years of hands-on experience with Access and Privileged Access Management (PAM) operations.
  • Demonstrated experience in PAM operational tasks including safe creation and management, privileged account onboarding, policy development, and least-privilege access model implementation.
  • Solid background in IAM principles and industry best practices.
  • Experience with operationalizing JIT privilege models, RBAC, and enforcing SoD.
  • Working knowledge of authentication protocols (SAML, OAuth, OpenID Connect, Active Directory, LDAP, Kerberos).
  • Familiarity with cloud-based PAM, including classification and management of non-human identities.
  • Strong understanding of security standards and regulatory frameworks (NIST, ISO/IEC, FFIEC).
  • Strong SQL abilities, including querying and dashboard creation.
  • Clear, concise communication skills and ability to collaborate across teams.
  • Experience in documenting policies, procedures, and reporting on PAM-related risk and compliance metrics.
  • Demonstrated ownership and accountability for continuous improvement in PAM controls.
  • Proactive in identifying and mitigating security risks related to privileged access.
  • Comfortable in fast-paced environment and contributing to cross-functional or global initiatives.
  • Demonstrated ability to build and coach teams.
  • Familiarity with access management challenges specific to cloud-native environments (AWS, GCP, Azure).
  • Involvement in developing or maintaining PAM strategies for human and non-human identities.

Responsibilities

  • Governance Reporting: Measure, report, and govern privileged access controls to ensure compliance.
  • Requirements Implementation: Document and translate PAM requirements for technology partners.
  • Stakeholder Collaboration: Work cross-functionally to develop and iterate on PAM requirements.
  • Policy Standards: Partner with the policy governance team to socialize and publish updates to the PAM Standard.
  • Authentication Security: Apply mastery of authentication platforms and PAM principles.
  • Regulatory Compliance: Ensure alignment with industry regulations and standards.
  • Risk Management: Proactively identify, assess, and mitigate PAM risks.
  • Stakeholder Engagement: Report on PAM/information security risks to senior leadership.
  • Quality Assurance: Design and execute test strategies for privileged access processes.
  • Documentation: Maintain clear records of policies, approval processes, and test outcomes.
  • Industry Engagement: Stay up-to-date with emerging trends in privileged access management.
  • Access Management policies: Define and maintain access management policies for different user personas.
  • Leadership: Coach and train team members.
  • Access lifecycle: Oversee the full lifecycle of access.
0 views 0 saves 0 applications