Director, Identity And Access Mangement Security Engineer
About The Position
Cresset is seeking an experienced Director of Identity & Access Management (IAM Lead) to establish and lead its enterprise IAM program. This is a critical leadership role within the Information Security function, responsible for evaluating the current identity landscape, designing a comprehensive IAM strategy, selecting and implementing modern IAM tools, and building a small but highly effective team to support the program. The ideal candidate will bring both strategic vision and hands-on expertise in identity and access management, particularly within financial services or other regulated industries. The role involves partnering closely with security, compliance, and business stakeholders to ensure the IAM program supports security, scalability, and regulatory requirements.
Requirements
- Bachelor’s degree in Information Security, Computer Science, or related field.
- 8+ years of progressive IT/security experience.
- At least 4+ years in IAM leadership roles.
- Prior experience building or significantly scaling an IAM program, ideally within financial services or a similarly regulated environment.
- Deep knowledge of IAM concepts: authentication, authorization, RBAC, PAM, SSO, MFA, IGA (Identity Governance & Administration).
- Hands-on experience with leading IAM platforms (e.g., SailPoint, Okta, CyberArk, Ping, Azure AD).
- Familiarity with cloud IAM and integration with SaaS and on-premises applications.
- Strong understanding of regulatory frameworks (SOX, GLBA, PCI-DSS, FFIEC).
- Proven ability to define strategy, build consensus, and lead organizational change.
- Strong leadership, influencing, and communication skills, with ability to engage both technical and non-technical stakeholders.
- Experience managing small teams and external vendors/partners.
Responsibilities
- Assess the current identity and access management environment, including processes, technologies, and governance.
- Define and communicate a multi-year IAM strategy aligned with security, compliance, and business needs.
- Establish IAM governance policies and ensure compliance with regulatory requirements (SOX, GLBA, FFIEC, etc.).
- Serve as the senior IAM subject matter expert and advisor to executives, audit committees, and business units.
- Evaluate, recommend, and lead the deployment of IAM platforms (e.g., Okta, SailPoint, CyberArk, Ping Identity, Azure AD).
- Drive adoption of best practices in identity lifecycle management, privileged access management (PAM), single sign-on (SSO), and multi-factor authentication (MFA).
- Oversee system integration with critical enterprise platforms and applications.
- Build and lead a small but growing IAM team, starting with the hiring of an IAM Analyst.
- Provide mentorship, coaching, and technical leadership to team members.
- Establish processes for ongoing IAM operations, including access requests, reviews, and audits.
- Oversee IAM operations, including provisioning/deprovisioning, access certifications, and privileged access controls.
- Partner with IT, HR, and business units to streamline onboarding/offboarding and role-based access management.
- Monitor and report on IAM metrics, risks, and compliance status.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Director
