Senior Manager, Identity Access Management

Simpson Thacher & Bartlett LLP
New York, NY
Hybrid

About The Position

The Senior Manager, Identity & Access Management (IAM) is responsible for defining and advancing the Firm’s enterprise IAM strategy to protect access to systems, applications, and data. This role provides IAM strategy, governance, and risk oversight, partnering closely with global IT teams, HR, and business stakeholders. The ideal candidate is a hands-on technical leader with strong technical depth and proven delivery experience, able to translate security and compliance requirements into scalable, business-aligned IAM capabilities while enabling secure business operations. The person in this role must be detail-oriented with the ability to adapt rapidly to new challenges, think creatively and holistically, and quickly resolve unforeseen issues.

Requirements

  • Bachelor’s degree in information security, IT, risk management, related discipline, or equivalent experience
  • 15+ years of progressive experience in IT or Information Security, with at least 5 years in a leadership role focused on IAM or access governance.
  • Demonstrated success building, scaling, and operating enterprise-grade IAM programs in large, complex organizations, preferably in a hybrid environment (on-premises, multi-cloud, and SaaS).
  • Proven ability to define IAM strategy, roadmap, and operating models, aligning capabilities with business objectives, risk posture, and regulatory requirements.
  • Deep, hands-on expertise with identity lifecycle management, SSO, MFA, directory services (e.g., Active Directory, Entra ID), federation protocols (SAML, OAuth, OIDC), and PKI/certificate infrastructure.
  • Experience implementing and managing Identity Governance & Administration (IGA) platforms such as SailPoint or Saviynt.
  • Strong background in user access reviews, certification campaigns, entitlement modeling, role-based and policy-based access controls
  • In-depth understanding of NIST digital identity guidelines, including identity assurance and authentication levels
  • Familiarity with compliance frameworks and standards such as NIST CSF and ISO 27001.
  • Experience working in a global organization and collaborating across diverse business units.
  • Strong program and project management skills, with experience delivering complex initiatives on time and within budget.
  • Proven ability to manage third-party vendors and software providers, including delivery oversight and performance management.
  • Demonstrated ability to lead, mentor, and develop high-performing IAM engineering and operations teams.
  • Excellent executive communication and presentation skills, with the ability to clearly articulate risk, strategy, and technical concepts to both technical and non-technical audiences.
  • Strong interpersonal and collaboration skills, with comfort engaging regularly with senior leadership and key internal and external stakeholders.
  • Ability to manage multiple concurrent objectives and activities and make effective judgments in prioritization and time allocation.
  • Must be able to execute with limited information and ambiguity.
  • Demonstrated continuous learning mindset, with the ability to stay current on emerging IAM technologies, security threats, vulnerabilities, and attack vectors
  • Passion for innovation, automation, and driving continuous improvement in IAM processes.

Nice To Haves

  • Professional certifications such as CISSP, CISM, or similar

Responsibilities

  • Develop and execute the firm’s IAM strategy and roadmap aligned with enterprise security objectives, business priorities, and client requirements.
  • Establish and enforce identity governance and access management standards, including role-based access control (RBAC), least privilege, segregation of duties (SoD), and periodic access certifications, ensuring consistent adoption across the firm.
  • Define, maintain, and operationalize IAM policies, standards, procedures, and reference architectures to support consistent, auditable, and scalable access management practices.
  • Partner with technology risk and client assurance teams to support internal and external assessments and drive remediation of IAM-related findings.
  • Define security requirements and governance standards for IAM technologies and platforms, including Active Directory, Entra ID (Azure AD), SAML/SSO, MFA, PAM, and cloud-based IAM services.
  • Partner with Infrastructure and Application teams to support the secure implementation and ongoing operation of IAM controls across on-premises, cloud, and SaaS environments.
  • Own the selection, configuration, and lifecycle management of identity-specific security platforms, including authentication, identity governance, and privileged access management solutions in alignment with enterprise architecture standards.
  • Serve as the technical authority and escalation point for identity security platforms, responsible for architecture decisions, advanced configuration, integrations, upgrades, and decommissioning.
  • Maintain deep, hands-on expertise in Active Directory, Entra ID (Azure AD), Windows Certificate Services (CA), and core identity protocols, including LDAP, Kerberos, SAML, OAuth, and OpenID Connect.
  • Design, implement, and operate privileged access controls, strong authentication policies, and identity governance workflows within security-owned IAM and PAM platforms.
  • Design and develop automation and tooling to support IAM processes such as joiner/mover/leaver workflows, access provisioning and deprovisioning, access reviews, privileged access elevation, and certificate lifecycle management.
  • Reduce manual effort and operational risk by identifying opportunities to standardize and automate identity processes across platforms and environments.
  • Define and oversee user lifecycle management standards (joiner/mover/leaver) to ensure timely and secure onboarding, access changes, and deprovisioning.
  • Establish governance and oversight for digital certificate inventory and lifecycle management, including issuance, renewal, and revocation processes.
  • Identify IAM-specific risks such as misconfigurations, excessive access, orphaned accounts, and weak authentication controls, and partner with relevant stakeholders to prioritize and remediate issues.
  • Ensure IAM practices align with applicable regulatory, privacy, and security frameworks (e.g., SOX, GDPR, ISO 27001, NIST).
  • Develop dashboards, metrics, and reporting to provide visibility into IAM risks, control effectiveness, and program maturity for senior leadership.
  • Provide IAM subject-matter expertise during security incidents, investigations, and control failures.
  • Lead, mentor, and develop IAM engineers and analysts, fostering a culture of accountability, technical excellence, and continuous improvement.
  • Influence and collaborate with technical and non-technical stakeholders to drive adoption of IAM best practices without impeding delivery.
  • Communicate IAM risks, tradeoffs, and recommendations clearly to senior leadership and business stakeholders.
  • Stay current on emerging IAM threats, technologies, and industry best practices.
  • Drive continuous optimization of IAM governance processes to improve security, scalability, and user experience.
  • Participate in on-call rotation to support after-hours incident response and critical security operations as needed.

Benefits

  • The estimated base salary range for this position is $190,000 to $220,000 at the time of posting. The actual salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job. This role is exempt, meaning it is not eligible for overtime pay.