IT Manager – IAM & Security

About The Position

Requirements

• Bachelor’s degree in Information Technology, Computer Science, Information Security, or equivalent experience.
• 5+ years in identity and access management, with 3+ years in a management or technical lead role.
• Hands-on experience owning and administering an enterprise IGA platform (Saviynt, SailPoint, or equivalent).
• Demonstrated experience with Active Directory, Entra ID / Azure AD, and SSO protocols (SAML 2.0, OIDC, OAuth 2.0).
• Hands-on experience in security monitoring, threat detection, and incident response, with a focus on identity-related risks such as compromised accounts, privilege misuse, and unauthorized access.
• Experience working with enterprise security tools and platforms, including configuration, tuning, and ongoing optimization of detection and prevention capabilities across identity, endpoint, network, or cloud security domains.
• Experience with ServiceNow or equivalent ITSM for access request and incident management.
• Strong communication skills; ability to translate technical IAM and security concepts for non-technical stakeholders and leadership.
• Demonstrated ability to lead cross-functional projects and manage vendor relationships independently.

Nice To Haves

• Experience in retail or multi-site enterprise environments.
• Relevant certifications: SC-300 (Microsoft Identity & Access Administrator), CISSP, CISM, or equivalent.
• Familiarity with Workday HR data integration.
• Experience with Saviynt-IGA.
• Experience with Azure cloud services.
• Knowledge of regulatory frameworks relevant to retail: PCI-DSS, SOX access controls, or similar.

Responsibilities

• Lead the overall strategy, governance, and continuous improvement of the organization’s identity and access management capabilities.
• Oversee user lifecycle management processes, ensuring timely and accurate provisioning, access changes, and deprovisioning aligned with business roles and organizational needs.
• Manage directory services and identity platforms to ensure reliable authentication, authorization, and identity data integrity across enterprise applications and environments.
• Drive adoption and expansion of single sign-on (SSO) and federated identity services to improve user experience and strengthen access security.
• Establish and enforce role-based access controls (RBAC) and least-privilege principles across systems, including oversight of privileged access management practices.
• Implement and govern periodic access reviews, certifications, and audit processes to ensure compliance and reduce excessive or inappropriate access.
• Define, document, and maintain IAM processes, policies, and standards, ensuring consistency, scalability, and audit readiness.
• Collaborate with business, HR, and IT stakeholders to align identity services with workforce changes, application onboarding, and digital transformation initiatives.
• Develop and track IAM performance metrics, service levels, and operational health indicators to drive transparency and continuous improvement.
• Support identity integration initiatives across cloud and on-premises platforms, ensuring secure and seamless access experiences.
• Serve as an active, contributing member of the Security team – not an advisory role.
• Participate in security reviews, policy discussions, incident response, and remediation.
• Own and manage assigned security tools or platforms, including ongoing tuning, alert triage, and continuous improvement of detection capabilities.
• Investigate and respond to security events and incidents, particularly those involving identity, access misuse, or unauthorized activities.
• Support data protection initiatives by enforcing and refining policies related to data access, usage, and exfiltration prevention.
• Participate in security assessments for new technologies, applications, and third-party vendors to ensure alignment with security standards and risk tolerance.
• Support audit and compliance activities, including evidence collection, control validation, and remediation of findings (e.g., PCI, SOX, or similar frameworks).
• Collaborate with managed security partners and internal teams to enhance detection, response, and overall security posture.
• Lead, develop, and mentor team members and/or partner resources supporting identity and security functions, fostering a culture of accountability, continuous learning, and operational excellence.
• Provide direction and oversight for IAM and security initiatives, ensuring alignment with organizational priorities and business objectives.
• Collaborate cross-functionally with stakeholders across HR, application teams, infrastructure, and security to promote adoption of standards and consistent practices.
• Contribute to strategic planning, roadmap development, and prioritization of identity and security capabilities, ensuring scalability and long-term sustainability.
• Represent identity and security interests in architecture discussions, project planning efforts, and enterprise initiatives to ensure appropriate controls and design considerations are embedded early.

Benefits

• Choice of three medical plans, including a PPO plan or High-Deductible plans.
• Health Savings Account, with employer contribution.
• Dental, and Vision coverage.
• Flexible Spending Accounts (Healthcare and Dependent Care).
• Accident, Critical Illness, and Hospital Indemnity coverage.
• Voluntary Life, Spouse, and Child Life Insurance.
• Long-Term Disability coverage.
• Basic Life Insurance and Short-Term Disability coverage (at no cost to associates).
• Wellbeing platform with Personify Health.
• Employee Assistance Program available for associates and their families.
• 401(k), which offers an immediately vested Safe Harbor matching contribution (after 6 months of employment).
• Tuition Assistance program (available after 1 year of employment).
• PTO benefits, including vacation (with accrual or flexible options based on role).
• Annual sick time awards.
• Holiday pay.
• Two weeks of New Parent Leave for birth, adoption, or foster placement.
• Continuous opportunities for learning.
• Connection building through Associate Resource Groups.
• Free access to a state-of-the-art onsite Fitness Facility (for Duluth based associates).