Identity Access Management (IAM) Director

About The Position

Requirements

• Minimum 10 years in cybersecurity, with at least 5 years in IAM program leadership.
• Deep technical expertise in IAM design, implementation, and delivery.
• Proficiency with IAM technologies including identity providers, access management, and federated authentication.
• Strong understanding of RBAC and ABAC models.
• Familiarity with regulatory frameworks: PCI, FFIEC, SOX, GDPR, GLBA, ISO, ITIL, and NIST.
• Experience with both on-premises and cloud-based IAM solutions.
• Extensive knowledge of SSO, MFA, Active Directory, PKI, privileged access, and API integrations.
• Proven experience administering IAM systems and implementing scalable governance frameworks.
• Experience with AWS and Microsoft Azure preferred.
• Familiarity with state-level privacy laws.
• Bachelor's degree in Computer Science, Information Assurance, MIS, or a related field, or equivalent industry experience.
• CISSP and/or SANS (GSE) required; CISM preferred.

Nice To Haves

• Strong analytical, communication, and leadership skills with a commitment to excellence and adaptability.
• Working knowledge of Windows, Unix, macOS, and leading IAM platforms (e.g., Okta).
• Self-directed, organized, and proactive in anticipating threats and positioning controls.
• High integrity and ability to lead by example.

Responsibilities

• Define and maintain a multi-year IAM roadmap (Workforce, B2B, B2C) aligned with Zero Trust, least privilege, and regulatory requirements.
• Define success criteria for maturing IAM and produce KPIs to measure success.
• Own and evolve reference architectures for SSO/Federation (SAML, OIDC, OAuth2), MFA/Passwordless, Directory Services, IGA, PAM, and secrets/keys management.
• Lead a matrixed IAM team responsible for deploying identity and access controls across enterprise and customer-facing applications (CIAM) using a frictionless user-friendly approach.
• Oversee implementation of IAM solutions in alignment with security policies, standards, and access control processes.
• Govern IAM policies and solutions across SSO, directory services, certificates, MFA, RBAC, privileged access, automation, and behavioral analytics.
• Align operational procedures with business and technology stakeholders.
• Supervise access reviews and certification processes to meet business unit requirements.
• Implement automated joiner-mover-leaver processes with role-based entitlements and auditable access recertifications.
• Establish policies for Just-In-Time (JIT) access, break-glass accounts, and tiered administrative models.
• Collaborate with infrastructure and security leadership on strategic planning and budgeting.
• Act as the IAM liaison for incident response, SOC analysts, application engineers, and security leadership.
• Represent IAM in change and project management forums.
• Serve as the primary IAM contact for internal and external auditors, ensuring compliance with privacy and regulatory standards.
• Partner with Security, Audit, and Legal teams to meet SOX, HIPAA, PCI-DSS, SOC 2, ISO 27001, and data privacy obligations.
• Lead audit responses and maintain evidence and control effectiveness metrics.
• Integrate IAM controls into SaaS onboarding, CI/CD pipelines, and device/VDI strategies (e.g., IGEL, Horizon).
• Enable secure external collaboration (B2B guest/federation) for product and marketing teams.
• Promote application of emerging IAM trends utilizing AI to drive effectiveness.
• Perform other duties as assigned.

Benefits

• Medical
• Dental
• Vision
• Paid Time Off
• 401k