Manager Identity & Access Management

About The Position

Requirements

• Bachelor’s degree in Information Security, Information Technology, Computer Science, or a related discipline; or an equivalent combination of education and relevant experience.
• 6 to 8 years of progressive experience in Identity and Access Management, information security operations, or IT control functions.
• 2 or more years of experience leading or managing a technical team, including responsibility for operational delivery, performance management, and prioritization of work.
• Hands‑on experience operating or overseeing IAM detective controls such as access certifications, access monitoring, reconciliations, or identity‑related alerting.
• Experience supporting audit, risk, and compliance activities within a regulated industry; financial services experience preferred.
• Experience driving process maturity and automation initiatives to reduce manual effort and improve control reliability.
• Familiarity with IAM platforms, access data models, automation tools, and identity‑related logging or reporting capabilities.
• Working knowledge of regulatory and control frameworks such as SOX, SOC1, SOC2, or similar security and compliance standards.
• Proven ability to lead and develop technical teams in an operational security or IAM environment.
• Strong understanding of identity and access management controls, particularly detective and monitoring controls.
• Experience driving process improvement and automation to enhance control effectiveness and efficiency.
• Solid understanding of audit, risk, and compliance expectations related to IAM.
• Ability to analyze access data, interpret control results, and drive remediation efforts.
• Strong organizational skills with the ability to manage multiple priorities and deadlines.
• Effective communicator capable of working with technical teams, auditors, and non‑technical stakeholders.
• Demonstrated commitment to operational excellence, continuous improvement, and secure access practices.

Responsibilities

• Lead the daily operations of a technical IAM controls team, ensuring consistent execution, accountability, and reliable delivery of detective access management services.
• Provide day‑to‑day leadership, supervision, and direction for a team responsible for IAM detective controls and automation.
• Set clear performance expectations, prioritize work, manage workload distribution, and support ongoing skill development of team members.
• Serve as the escalation point for complex operational issues, control failures, or security‑relevant findings.
• Ensure consistent execution of IAM detective control processes in alignment with policies, standards, and documented procedures.
• Ensure detective IAM controls operate effectively and consistently to identify unauthorized or inappropriate access in a timely manner.
• Oversee the execution of detective access management controls, including access certifications, authentication configuration reviews, access monitoring, and exception handling.
• Ensure controls effectively detect unauthorized access, inappropriate privilege assignments, and policy violations.
• Coordinate timely investigation, escalation, and remediation of access issues identified through detective controls.
• Maintain operational ownership of control results, tracking issues through remediation and closure.
• Actively supports monitoring, investigation, and response activities related to IAM security signals.
• Support detective IAM controls, including logging, alerting, and access review evidence collection.
• Monitor IAM and PAM activity for anomalous or unauthorized behavior.
• Assist with identity‑related investigations, incidents, and penetration testing efforts.
• Gather and analyze IAM and PAM data for audits, incident response, and forensic activities.
• Collaborate with security teams during access‑related security events to assess impact and remediate issues.
• Drive improvements to control effectiveness, efficiency, and scalability through automation and process maturity.
• Assist with efforts to automate IAM detective control execution, reporting, and evidence collection.
• Identify opportunities to reduce manual processes, spreadsheet dependency, and point‑in‑time reviews through automation and workflow improvements.
• Partner with IAM engineering and platform teams to improve control data accuracy, metadata completeness, and tool reliability.
• Drive continuous improvement of control processes through standardization, automation, and operational metrics.
• Maintain audit‑ready IAM detective controls that meet regulatory, risk, and internal security expectations.
• Ensure IAM detective controls align with regulatory, audit, and internal risk management requirements.
• Coordinate audit preparation activities, including evidence collection, documentation, and control walkthroughs.
• Respond to audit inquiries and remediation requests related to IAM detective controls.
• Partner with risk, compliance, and audit teams to identify control gaps and implement corrective actions.
• Act as the operational liaison between IAM detective control operations and key security, technology, and risk stakeholders.
• Collaborate with IAM engineering, security operations, infrastructure, and application teams to support access monitoring and control effectiveness.
• Provide regular reporting on control performance, issues, trends, and improvement initiatives to leadership and stakeholders.
• Participate in IAM governance and security forums to represent detective control operations and provide operational insights.
• Support security incident investigations and access‑related risk assessments as needed.

Benefits

• Competitive Pay, including a Bonus Target or Variable Pay Incentive Program
• Medical, Dental, and Vision (plus much more)
• 401(k) Plan with Company Match
• Short- & Long-Term Disability
• Wellness Programs
• Group Life and AD&D Insurance
• Paid Vacation, Sick Days and bank Holidays
• Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition