Manager Identity and Access Management

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or equivalent practical experience.
• 7+ years of progressive experience in IAM or cybersecurity, with at least 2-3 years in a people management or team lead capacity.
• Hands-on experience with two or more enterprise IAM platforms (IGA, PAM, SSO/MFA, cloud identity, or directory services) such as Saviynt, CyberArk, Okta, Azure AD / Entra ID, or equivalent.
• Experience implementing IAM platforms using infrastructure-as-code tools such as Terraform, Ansible, or CloudFormation.
• Strong working knowledge of identity protocols and standards including SAML, OAuth 2.0, OIDC, SCIM, and LDAP.
• Understanding of zero trust architecture principles and identity-centric security models.
• Working knowledge of IAM compliance requirements under SOX, HIPAA, SOC 2, PCI-DSS, NIST, or similar frameworks.
• Experience with monitoring and logging tools (e.g., Splunk, Prometheus, Grafana, or cloud-native equivalents) for IAM environment visibility.
• Strong scripting skills in Python, PowerShell, or Bash for IAM automation and integration.
• Excellent problem-solving skills and ability to work effectively in a fast-paced, collaborative environment.
• Strong communication skills with the ability to convey complex IAM concepts to non-technical stakeholders.
• Ability to lead and drive collaboration with cybersecurity, software development, DevSecOps, infrastructure, and IT operations teams.
• Delivers results
• Strong attention to detail.
• Relevant certifications: CISSP, CISM, CIAM, Saviynt Engineer/Architect, CyberArk Defender/Guardian, Microsoft Certified: Identity and Access Administrator, or equivalent.

Nice To Haves

• Familiarity with containerization and orchestration tools (Docker, Kubernetes) in the context of identity workloads.
• Experience leading IAM workstreams in M&A integration, divestiture, or large-scale cloud migration programs.
• Exposure to Agile or DevSecOps delivery models for platform engineering work.

Responsibilities

• Lead the design, deployment, and continuous improvement of enterprise IAM platforms including Identity Governance & Administration (IGA), Privileged Access Management (PAM), Single Sign-On (SSO), Multi-Factor Authentication (MFA), Directory Services, Cloud Identity, and Customer IAM (CIAM).
• Own the full cycle of IAM platform engineering from contributing to architecture and hands-on implementation through documentation, testing, and operational handoff to the peer Operations team.
• Implement infrastructure-as-code (IaC) approaches for IAM platform provisioning and configuration using tools such as Terraform, Ansible, or CloudFormation.
• Drive platform integration strategies to reduce identity sprawl, automate joiner/mover/leaver workflows, and improve enterprise-wide access visibility.
• Lead platform upgrades, migrations, and automation initiatives; develop runbooks and standards that the peer Operations team executes against.
• Own the engineering execution of access certification, role engineering, and segregation of duties (SoD) controls across the enterprise.
• Ensure IAM platform configurations satisfy audit and compliance requirements under SOX, HIPAA, PCI-DSS, SOC 2, NIST, and applicable regulatory frameworks.
• Lead regular assessments of IAM environments using monitoring and logging tools to identify risks, gaps, and improvement opportunities.
• Support remediation of IAM audit findings in coordination with the peer Operations Manager and Compliance teams.
• Enforce least-privilege and need-to-know principles through engineering controls and automated provisioning workflows rather than manual processes.
• Lead and develop a team of IAM engineers and technical analysts, providing coaching, performance feedback, and career development support.
• Foster a culture of automation-first thinking, engineering excellence, and continuous improvement within the team.
• Manage workload distribution, sprint planning, and delivery prioritization; ensure the team meets its commitments reliably.
• Partner with HR and talent acquisition to recruit, onboard, and retain IAM engineering talent.
• Provide guidance and mentorship across the broader IAM organization, including knowledge transfer to the peer Operations team.
• Collaborate closely with the peer Manager, IAM Operations to ensure seamless handoffs, clear escalation paths, and consistent service delivery across the two-team model.
• Partner with cybersecurity, enterprise architecture, software development, DevSecOps, and infrastructure teams to integrate IAM services across the enterprise.
• Support CI/CD pipeline integration for identity-related services and contribute to DevSecOps practices across the engineering organization.
• Communicate platform health, roadmap progress, and technical risks clearly to the Sr. Director of IAM and non-technical stakeholders.
• Represent IAM Engineering in enterprise change advisory, architecture review, and security governance forums.
• Manage day-to-day vendor relationships for IAM platforms including escalations, product roadmap engagement, and license management.
• Evaluate new IAM technologies and tools to enhance capabilities, drive innovation, and keep pace with industry trends including advances in zero trust, cloud identity, and AI-assisted access governance.
• Ensure vendor SLAs are operationally meaningful and translate into measurable outcomes in coordination with the peer Operations Manager.
• When needed, lead Tier 3 incident response and troubleshooting for complex IAM platform issues escalated from the peer Operations team.
• Maintain and test disaster recovery and business continuity plans for IAM platforms.
• Ensure on-call readiness for platform-level issues within the engineering team.

Benefits

• comprehensive medical and prescription drug coverage
• dental and vision plans
• tax-saving Flexible Spending Accounts
• disability coverage
• life insurance plans
• 401(k) plan
• tuition assistance
• a wellness program
• parental leave
• vacation accrual
• paid sick leave