Senior Manager, Identity Access Management

The Senior Manager, Identity & Access Management (IAM) is responsible for defining and advancing the Firm’s enterprise IAM strategy to protect access to systems, applications, and data.

This role provides IAM strategy, governance, and risk oversight, partnering closely with global IT teams, HR, and business stakeholders. The ideal candidate is a hands-on technical leader with strong technical depth and proven delivery experience, able to translate security and compliance requirements into scalable, business-aligned IAM capabilities while enabling secure business operations. The person in this role must be detail-oriented with the ability to adapt rapidly to new challenges, think creatively and holistically, and quickly resolve unforeseen issues. 

Essential Job Duties & Responsibilities

• Develop and execute the firm’s IAM strategy and roadmap aligned with enterprise security objectives, business priorities, and client requirements.
• Establish and enforce identity governance and access management standards, including role-based access control (RBAC), least privilege, segregation of duties (SoD), and periodic access certifications, ensuring consistent adoption across the firm.
• Define, maintain, and operationalize IAM policies, standards, procedures, and reference architectures to support consistent, auditable, and scalable access management practices.
• Partner with technology risk and client assurance teams to support internal and external assessments and drive remediation of IAM-related findings.
• Define security requirements and governance standards for IAM technologies and platforms, including Active Directory, Entra ID (Azure AD), SAML/SSO, MFA, PAM, and cloud-based IAM services.
• Partner with Infrastructure and Application teams to support the secure implementation and ongoing operation of IAM controls across on-premises, cloud, and SaaS environments.
• Own the selection, configuration, and lifecycle management of identity-specific security platforms, including authentication, identity governance, and privileged access management solutions in alignment with enterprise architecture standards.
• Serve as the technical authority and escalation point for identity security platforms, responsible for architecture decisions, advanced configuration, integrations, upgrades, and decommissioning.
• Maintain deep, hands-on expertise in Active Directory, Entra ID (Azure AD), Windows Certificate Services (CA), and core identity protocols, including LDAP, Kerberos, SAML, OAuth, and OpenID Connect.
• Design, implement, and operate privileged access controls, strong authentication policies, and identity governance workflows within security-owned IAM and PAM platforms.
• Design and develop automation and tooling to support IAM processes such as joiner/mover/leaver workflows, access provisioning and deprovisioning, access reviews, privileged access elevation, and certificate lifecycle management.
• Reduce manual effort and operational risk by identifying opportunities to standardize and automate identity processes across platforms and environments.
• Define and oversee user lifecycle management standards (joiner/mover/leaver), to ensure timely and secure onboarding, access changes, and deprovisioning.
• Establish governance and oversight for digital certificate inventory and lifecycle management, including issuance, renewal, and revocation processes.
• Identify IAM-specific risks such as misconfigurations, excessive access, orphaned accounts, and weak authentication controls, and partner with relevant stakeholders to prioritize and remediate issues.
• Ensure IAM practices align with applicable regulatory, privacy, and security frameworks (e.g., SOX, GDPR, ISO 27001, NIST).
• Develop dashboards, metrics, and reporting to provide visibility into IAM risks, control effectiveness, and program maturity for senior leadership.
• Provide IAM subject-matter expertise during security incidents, investigations, and control failures.
• Lead, mentor, and develop IAM engineers and analysts, fostering a culture of accountability, technical excellence, and continuous improvement.
• Influence and collaborate with technical and non-technical stakeholders to drive adoption of IAM best practices without impeding delivery.
• Communicate IAM risks, tradeoffs, and recommendations clearly to senior leadership and business stakeholders.
• Stay current on emerging IAM threats, technologies, and industry best practices.
• Drive continuous optimization of IAM governance processes to improve security, scalability, and user experience.
• Participate in on-call rotation to support after-hours incident response and critical security operations as needed.

Education

Required

• Bachelor’s degree in information security, IT, risk management, related discipline, or equivalent experience

Preferred

• Professional certifications such as CISSP, CISM, or similar

Skills and Experience

• 15+ years of progressive experience in IT or Information Security, with at least 5 years in a leadership role focused on IAM or access governance.
• Demonstrated success building, scaling, and operating enterprise-grade IAM programs in large, complex organizations, preferably in a hybrid environment (on-premises, multi-cloud, and SaaS).
• Proven ability to define IAM strategy, roadmap, and operating models, aligning capabilities with business objectives, risk posture, and regulatory requirements.
• Deep, hands-on expertise with identity lifecycle management, SSO, MFA, directory services (e.g., Active Directory, Entra ID), federation protocols (SAML, OAuth, OIDC), and PKI/certificate infrastructure.
• Experience implementing and managing Identity Governance & Administration (IGA) platforms such as SailPoint, Saviynt etc.
• Strong background in user access reviews, certification campaigns, entitlement modeling, role-based and policy-based access controls
• In-depth understanding of NIST digital identity guidelines, including identity assurance and authentication levels
• Familiarity with compliance frameworks and standards such as NIST CSF and ISO 27001.
• Experience working in a global organization and collaborating across diverse business units.
• Strong program and project management skills, with experience delivering complex initiatives on time and within budget.
• Proven ability to manage third-party vendors, and software providers, including delivery oversight, and performance management.
• Demonstrated ability to lead, mentor, and develop high-performing IAM engineering and operations teams.
• Excellent executive communication and presentation skills, with the ability to clearly articulate risk, strategy, and technical concepts to both technical and non-technical audiences.
• Strong interpersonal and collaboration skills, with comfort engaging regularly with senior leadership and key internal and external stakeholders.
• Ability to manage multiple concurrent objectives and activities and make effective judgments in prioritizing and time allocation.
• Must be able to execute with limited information and ambiguity.
• Demonstrated continuous learning mindset, with the ability to stay current on emerging IAM technologies, security threats, vulnerabilities, and attack vectors
• Passion for innovation, automation, and driving continuous improvement in IAM processes.

NY Only: The estimated base salary range for this position is $190,000 to $220,000 at the time of posting.