DIRECTOR, IDENTITY AND ACCESS MANGEMENT SECURITY ENGINEER

Cresset Capital•Chicago, IL

1d•Onsite

About The Position

We are seeking an experienced Director of Identity & Access Management (IAM Lead) to establish and lead our enterprise IAM program. This is a critical leadership role within our Information Security function, responsible for evaluating our current identity landscape, designing a comprehensive IAM strategy, selecting and implementing modern IAM tools, and building a small but highly effective team to support the program. The ideal candidate will bring both strategic vision and hands-on expertise in identity and access management, particularly within financial services or other regulated industries. You will partner closely with security, compliance, and business stakeholders to ensure our IAM program supports security, scalability, and regulatory requirements.

Requirements

Bachelor’s degree in Information Security, Computer Science, or related field.
8+ years of progressive IT/security experience, with at least 4+ years in IAM leadership roles.
Prior experience building or significantly scaling an IAM program, ideally within financial services or a similarly regulated environment.
Deep knowledge of IAM concepts: authentication, authorization, RBAC, PAM, SSO, MFA, IGA (Identity Governance & Administration).
Hands-on experience with leading IAM platforms (e.g., SailPoint, Okta, CyberArk, Ping, Azure AD).
Familiarity with cloud IAM and integration with SaaS and on-premises applications.
Strong understanding of regulatory frameworks (SOX, GLBA, PCI-DSS, FFIEC).
Proven ability to define strategy, build consensus, and lead organizational change.
Strong leadership, influencing, and communication skills, with ability to engage both technical and non-technical stakeholders.
Experience managing small teams and external vendors/partners.

Responsibilities

Program Strategy & Leadership Assess the current identity and access management environment, including processes, technologies, and governance.
Define and communicate a multi-year IAM strategy aligned with security, compliance, and business needs.
Establish IAM governance policies and ensure compliance with regulatory requirements (SOX, GLBA, FFIEC, etc.).
Serve as the senior IAM subject matter expert and advisor to executives, audit committees, and business units.
Technology Selection & Implementation Evaluate, recommend, and lead the deployment of IAM platforms (e.g., Okta, SailPoint, CyberArk, Ping Identity, Azure AD).
Drive adoption of best practices in identity lifecycle management, privileged access management (PAM), single sign-on (SSO), and multi-factor authentication (MFA).
Oversee system integration with critical enterprise platforms and applications.
Team Development Build and lead a small but growing IAM team, starting with the hiring of an IAM Analyst.
Provide mentorship, coaching, and technical leadership to team members.
Establish processes for ongoing IAM operations, including access requests, reviews, and audits.
Program Operations Oversee IAM operations, including provisioning/deprovisioning, access certifications, and privileged access controls.
Partner with IT, HR, and business units to streamline onboarding/offboarding and role-based access management.
Monitor and report on IAM metrics, risks, and compliance status.