Senior Manager, Identity and Access Management

About the position

This position is responsible for ensuring that a large, multi-faceted Identity and Access Management (IAM) program is in place governing provisioning, access, single sign-on (SSO), directory services and technical integrations, as well as supporting behavioral analytics. The Senior Manager, Identity and Access Management position requires leadership and team management skills, along with technical expertise. This role leads a small team of individuals and third-party resources in architecture, engineering, administration and governance tasked with ensuring IAM services are applied to corporate-managed assets as well as vendors and other third-party entities. The Senior Manager, Identity and Access Management must identify and effectively communicate an actionable workload for team members that adheres to business initiatives - balancing business risk and IAM security best practices.

Responsibilities

• Manages a 24x7 global team of IAM professionals tasked with technical deployment of identity and access controls across disperse geographic locations
• Leads a team including hiring, career development and performance reviews with a focus on enhancing leadership effectiveness
• Provides leadership, mentoring and coaching for all staff and fosters a culture of accountability, innovation and team building
• Accountable for all phases of Identity and Access Management
• Develops and implements training and succession plans to develop
• Directs technical stakeholders to implement IAM solutions that align with access policies and processes.
• Ensures employees maintain up-to-date configuration documentation for systems and processes.
• Rigorously maintain security systems and administer security configurations that reduce risk to enterprise systems and accounts
• Leads the team through IAM governance, policies and solutions across SSO, directory, certificate, multi-factor authentication (MFA), privileged accounts, automation and behavior analytic systems
• In tandem with business units, supports business metrics associated with IAM initiatives
• Manages team member access across organizational systems as well as external entities
• Aligns operational policies and procedures in tandem with business leaders and technology partners
• Constructs and carries out a strategic vision for rigorous and scalable IAM controls with key performance indicators
• Supervises routine access reviews that align with business unit requirements for certification and re-certification
• Attends change and project management meetings and engages with other participants
• Liaisons with auditors, both internal and external, to maintain and implement controls for compliance and privacy laws
• Acts as a primary point of contact for disaster recovery and business continuity
• Continuously identifies and executes on opportunities to improve the efficiency and effectiveness of the IAM team and processes
• Works collaboratively with internal technical teams as well as business units clarify roles/responsibilities
• Establishes, maintains, and communicates written IAM processes and procedures
• Develops appropriate communications to end users
• Performs other duties as assigned

Requirements

• People management experience with proven record of motivating staff, working collaboratively, coaching direct reports in a team environment with accountability is required
• At least 7-10+ years' experience in cybersecurity or information technology, with at least five years in IAM
• Highly technical and analytical, with a proven deep background in IAM technology design, implementation and delivery
• The ideal candidate is technical and possesses at least seven years' experience in technology and security administration across large heterogeneous networks, including third-party entities
• Working knowledge of Windows, Linux, Unix and industry-leading IAM solutions
• Experience in IAM solutions both on-premises and in the cloud is strongly desired
• Extensive knowledge of SSO, MFA, Active Directory (AD), public key infrastructure (PKI), privileged accounts and integration (API) capabilities is required
• Experience administering IAM systems, access controls, security and risk management, as well as a security governance framework at scale is required
• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively is required
• Experience with SOX desired
• Experience with Amazon Web Services (AWS) or Microsoft Azure preferred
• Familiarity with federal, state, and international privacy laws is desired
• Demonstrated change mindset with the ability to see the big picture
• Self-motivated, directed and well-organized, with the vision to position controls in anticipation of threats
• Excellent verbal and written communication skills required
• Ability to translate technical security concepts into lay terms is required
• Ability to communicate situations to all levels including senior management is required
• Experience with NIST standards for cybersecurity and identity and access management strongly desired
• The ability to obtain and maintain a US Government security clearance desired but not required
• CISSP, CISM, GIAC or similar security certifications desired but not required.

Nice-to-haves

• Experience with SOX
• Experience with Amazon Web Services (AWS) or Microsoft Azure
• Familiarity with federal, state, and international privacy laws
• Experience with NIST standards for cybersecurity and identity and access management
• The ability to obtain and maintain a US Government security clearance
• CISSP, CISM, GIAC or similar security certifications

Benefits

• 401k
• health_insurance
• dental_insurance
• vision_insurance
• life_insurance
• disability_insurance
• paid_holidays
• paid_volunteer_time
• flexible_scheduling
• tuition_reimbursement
• professional_development