Wpp
Wpp15h ago
New

Identity, AI and Data Access Governance Lead

OtherLead
2 views0 saves0 applied

Quick Summary

Key Responsibilities

1. Identity and access governance framework Define and maintain the access governance framework for DTS. This includes: Defining access governance standards, processes and control expectations.

Requirements Summary

Defining the scope, frequency and evidence requirements for access reviews. Coordinating access reviews for critical DTS systems, production environments, privileged roles, sensitive datasets,

Technical Tools
OtherLead

Why we're hiring:

The Identity, AI and Data Access Governance Lead is responsible for governing who, and what, can access DTS systems, data, APIs, tools, workflows and AI-enabled capabilities.

This is a hands-on governance and control role, reporting into the SVP Security and Compliance. The role ensures that access across DTS is appropriate, auditable, reviewed, least-privileged and aligned with security, privacy, compliance and client commitments.

The scope covers traditional human access, external users, privileged access, service accounts, machine identities, API keys, tokens, dataset access, and the emerging governance of AI agents and agentic workflows.

The role will work closely with Architecture, Security, Product, Engineering, Infrastructure, Privacy, Legal/DPO, TechOps, Enterprise Technology and the ISMS and Risk Officer to ensure DTS has a clear and controlled model for access across platforms such as WPP Open, Choreograph, InfoSum, Open Intelligence, Resolve and related DTS capabilities.

 

What you'll be doing:

Define and maintain the access governance framework for DTS.

This includes:

  • Defining access governance standards, processes and control expectations.
  • Establishing how access should be requested, approved, provisioned, reviewed, revoked and evidenced.
  • Ensuring access governance covers internal users, external users, clients, partners, vendors, service accounts, machine identities and AI agents.
  • Aligning identity and access governance with DTS architecture, security, privacy, compliance and data governance requirements.
  • Ensuring access governance is practical for product and engineering teams to implement.

 

Own the process for regular access reviews and recertification across DTS.

This includes:

  • Defining the scope, frequency and evidence requirements for access reviews.
  • Coordinating access reviews for critical DTS systems, production environments, privileged roles, sensitive datasets, client-facing platforms and administrative tools.
  • Ensuring access review outcomes are tracked, remediated and evidenced.
  • Identifying stale, excessive, orphaned or poorly owned access.
  • Escalating overdue, high-risk or unresolved access issues through the appropriate governance channels.

 

Ensure privileged access across DTS is properly controlled, justified and auditable.

This includes:

  • Reviewing access to production systems, cloud environments, security tools, databases, CI/CD tooling, administrative consoles and sensitive platforms.
  • Supporting least-privilege, just-in-time and time-bound access models where appropriate.
  • Working with Cloud and Platform Security and Infrastructure to improve privileged access controls.
  • Ensuring privileged access risks are visible in the DTS risk register where required.

 

Govern access for external users, clients, agencies, partners and vendors.

This includes:

  • Defining standards for external user onboarding, approval, permissions, expiry and offboarding.
  • Ensuring external access has a clear business owner and justification.
  • Supporting access governance across client workspaces, agency environments, partner integrations and shared collaboration areas.
  • Working with Product and Engineering to ensure tenant, workspace and client-level isolation is appropriately governed.
  • Tracking risks related to stale accounts, vendor access, partner permissions and external user overprivilege.

 

Govern non-human access across DTS systems and platforms.

This includes:

  • Defining standards for service accounts, machine identities, automation users, API keys, tokens, secrets and integration credentials.
  • Ensuring non-human access has clear ownership, purpose, scope, rotation, expiry and auditability.
  • Working with Product, Engineering, Cloud Security and Infrastructure to reduce unmanaged credential risk.
  • Ensuring service accounts and machine identities are included in access reviews.
  • Supporting stronger governance of API access, token issuance, credential lifecycle and integration permissions.

 

Define and oversee the governance model for AI agents and agentic workflows across DTS.

This includes:

  • Defining how AI agents are identified, permissioned, monitored, reviewed and revoked.
  • Ensuring agents have clear ownership, scoped permissions and auditable actions.
  • Defining which agent actions require human approval or additional control.
  • Governing agent access to APIs, tools, datasets, workflows, client environments and production capabilities.
  • Ensuring agents act within delegated authority and cannot exceed the permissions of the user, system or business process they represent.
  • Working with Product, Architecture and Security to ensure agentic workflows are designed with clear action boundaries.
  • Working with the Product, Application and Offensive Security Lead to test whether agent permissions and action boundaries can be bypassed.
  • Working with Privacy Engineering to ensure AI access models support permitted use, minimisation and data protection requirements.

Govern access to sensitive, client, partner and WPP-owned data across DTS.

This includes:

  • Defining standards for dataset access approval, review, revocation and evidence.
  • Supporting data classification from an access-control and security-governance perspective.
  • Ensuring access to sensitive data is role-based, purpose-based, least-privileged and auditable.
  • Supporting controls for cross-client, cross-market, cross-agency and partner data access.
  • Ensuring data access governance supports InfoSum, Open Intelligence, Resolve, WPP Open and other DTS data collaboration use cases.
  • Working with Privacy Engineering on data minimisation, permitted use, retention and privacy-by-design requirements.
  • Ensuring data access risks are surfaced through the DTS risk process.

 

Ensure access governance extends beyond systems and datasets into tools, workflows and actions.

This includes:

  • Defining governance for access to operational tools, workflow automation, orchestration systems, AI tools and administrative actions.
  • Ensuring high-risk actions are subject to appropriate approval, logging and monitoring.
  • Supporting segregation of duties across sensitive workflows.
  • Ensuring automated workflows and agents have clearly scoped authority.
  • Working with Security Operations to ensure high-risk access and actions are visible in monitoring and detection processes.

 

Maintain clear evidence of access governance and support audit and assurance requirements.

This includes:

  • Producing access governance evidence for SOC 2, ISO 27001, client assurance, internal audit and risk reviews.
  • Working with the ISMS and Risk Officer to ensure access controls, reviews, exceptions and remediation actions are documented.
  • Reporting on access review completion, high-risk access, overdue actions and access control gaps.
  • Supporting client and audit questions related to identity, access, privileged roles, service accounts, AI agents and data access.
  • Ensuring access governance is repeatable, measurable and auditable.

 

Who you'll be working with:

The Identity, AI and Data Access Governance Lead will be accountable for:

  • DTS identity and access governance standards.
  • Regular access reviews and recertification.
  • Privileged access governance.
  • External user, client, partner and vendor access governance.
  • Service account, machine identity, API key and token governance.
  • AI agent identity, permission and action governance.
  • Dataset and sensitive data access governance.
  • Governance of access to tools, workflows and high-risk actions.
  • Access governance evidence for audit, compliance and client assurance.
  • Escalation of material access risks into the DTS risk process.

 

What you'll need:

The successful candidate will have:

  • Experience in identity governance, access management, IAM, security governance, GRC, data access control or platform security.
  • Strong understanding of least privilege, role-based access control, attribute-based access control, access reviews, privileged access and segregation of duties.
  • Experience governing access across SaaS platforms, cloud environments, APIs, data platforms or enterprise technology estates.
  • Knowledge of identity platforms such as Okta, Auth0, Keycloak, Azure AD / Entra ID or similar.
  • Understanding of service accounts, machine identities, API keys, tokens, secrets and non-human access governance.
  • Understanding of AI agents, agentic workflows, delegated authority and tool-access governance would be highly valuable.
  • Understanding of data classification, dataset access governance, privacy-by-design and audit requirements.
  • Ability to work across security, architecture, product, engineering, infrastructure, legal, privacy and compliance teams.
  • Strong organisational skills and ability to coordinate reviews, evidence, remediation and reporting.
  • Ability to translate complex access issues into clear risks, controls and practical actions.

 

The Identity, AI and Data Access Governance Lead is expected to:

  • Be structured, disciplined and pragmatic.
  • Bring clarity to complex access and permission models.
  • Challenge excessive, unclear or poorly governed access.
  • Work constructively with product and engineering teams to design workable controls.
  • Avoid creating unnecessary bureaucracy while ensuring access is properly governed.
  • Treat human, machine and agent access as part of the same control landscape.
  • Escalate material access risks clearly and early.
  • Support DTS in building a secure, auditable and scalable access governance model.

 

Success in the role will be measured by:

  • DTS having clear identity, access and data access governance standards.
  • Regular access reviews completed on schedule with evidence.
  • Reduction in stale, excessive, orphaned or poorly owned access.
  • Stronger governance of privileged access and production access.
  • Clear ownership and review of service accounts, machine identities, API keys and tokens.
  • Defined governance for AI agent identities, permissions and actions.
  • Improved auditability of access to data, APIs, tools, workflows and production systems.
  • Better alignment between identity, security, privacy, architecture, product and engineering teams.
  • Material access risks being visible through the DTS risk register and Risk Review Board.
  • Increased confidence that DTS can answer: who or what has access to what, why, and when was it last reviewed?

Who you are:

What We Offer

~1 min read

Location & Eligibility

Where is the job
United Kingdom
On-site within the country
Who can apply
GB

Listing Details

Posted
July 13, 2026
First seen
July 13, 2026
Last seen
July 14, 2026

Posting Health

Days active
0
Repost count
0
Trust Level
67%
Scored at
July 13, 2026

Signal breakdown

freshnesssource trustcontent trustemployer trust
Wpp
Wpp
greenhouse
Employees
10,000+
Founded
1985
Domain
wpp.com
View company profile
Newsletter

Stay ahead of the market

Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.

A
B
C
D
Join 12,000+ marketers

No spam. Unsubscribe at any time.

WppIdentity, AI and Data Access Governance Lead