Senior Director, IAM Engineering & Operations

About The Position

Requirements

• Experience leading IAM organizations within highly regulated industries (financial services experience preferred).
• Experience supporting regulatory audits, compliance programs, and governance initiatives.
• Experience managing both IAM engineering and IAM operations functions.
• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field
• 12+ years of experience in IAM, security, or platform engineering, with 5+ years in senior leadership roles
• Strong software engineering background (Java, Python, .NET, or similar) with hands-on IAM solution development
• Proven success building and scaling global engineering teams in a SaaS or product organization
• Deep expertise in: IAM platforms (SailPoint, Saviynt, Okta, Ping, etc.), PAM solutions (CyberArk, BeyondTrust, etc.), Active Directory & Azure AD / Entra ID, SSO & federation protocols (SAML, OAuth, OIDC), PKI and machine identity management
• Experience supporting high-scale, highly available SaaS environments

Nice To Haves

• Industry certifications (CISSP, CISM, etc.)
• Experience with cloud platforms (Azure preferred) and microservices architecture
• Familiarity with SRE practices, observability, and reliability engineering

Responsibilities

• Lead a global IAM Engineering & Operations organization.
• Drive operational excellence, platform reliability, and service maturity.
• Lead identity governance across both human and non-human (machine) identities.
• Partner with audit, risk, and compliance organizations to support regulatory and governance initiatives.
• Build and develop high-performing engineering leaders and teams.
• Define and execute a cloud-first IAM strategy supporting UKG’s SaaS products and internal enterprise systems
• Partner with Product Engineering, Security, and Platform teams to embed identity into the software development lifecycle
• Champion identity as a core platform capability, enabling secure and frictionless user experiences
• Align IAM initiatives with customer trust, compliance, and uptime expectations in a SaaS environment
• Build, scale, and lead global IAM engineering, platform, and operations teams
• Foster a product and platform mindset within IAM (API-first, reusable services, developer enablement)
• Drive a culture of automation, reliability engineering (SRE principles), and continuous delivery
• Develop leadership bench strength and succession pipelines
• Lead development of scalable IAM services, APIs, and identity orchestration workflows
• Oversee integrations with customer-facing applications, SaaS platforms, and internal systems
• Enable CIAM (Customer Identity & Access Management) capabilities where applicable
• Promote DevSecOps practices, infrastructure-as-code, and automation in identity provisioning and governance
• Implement scalable identity lifecycle management and access governance across a distributed workforce
• Mature RBAC/ABAC models and access certification processes
• Ensure alignment with SOC 1, SOC 2, ISO 27001, GDPR, and other relevant compliance standards
• Lead PAM strategy to secure privileged access across cloud and production environments
• Implement just-in-time (JIT) access, session monitoring, and credential vaulting
• Reduce attack surface and enforce least privilege at scale
• Oversee PKI and certificate lifecycle management supporting secure communications and services
• Enable machine identity management and certificate-based authentication across cloud workloads
• Support encryption and key management strategies aligned with SaaS security requirements
• Lead modernization of Active Directory (hybrid) and Azure AD / Entra ID environments
• Drive transition toward cloud-native identity and directory services
• Ensure high availability, resilience, and security of identity infrastructure
• Embed IAM within UKG’s Zero Trust architecture
• Proactively identify and mitigate identity-based threats and vulnerabilities
• Support audits, incident response, and continuous compliance efforts

Benefits

• flexibility that’s real
• benefits you can count on
• a team that succeeds together
• performance-based bonus plan
• restricted stock unit awards