Identity and Access Management (IAM) Manager

The Identity and Access Management (IAM) Manager is a key leadership role responsible for the strategic direction, implementation, and management of HDR's IAM program to protect critical systems and data. Reporting to the Director of Cybersecurity, this position leads a team of IAM professionals and oversees the full identity lifecycle, including provisioning, access governance, and deprovisioning. The IAM Manager will develop and enforce policies, implement modern IAM technologies, and ensure compliance with security and regulatory standards.

This role requires a blend of technical expertise, strong leadership, and the ability to drive innovation in identity-centric security areas, while collaborating closely with cross-functional teams to ensure secure, efficient, and compliant access to systems and data across the organization.

Strategic & Leadership Responsibilities

*Program Ownership and Strategy: Own the overall IAM program, including developing, implementing, and maintaining a long-term IAM strategy that aligns with HDR's security goals and business objectives.

*Policy and Governance: Define, enforce, and regularly review IAM policies, standards, and procedures, ensuring they comply with internal and external regulations, working closely with the Governance, Risk and Compliance Manager.

*Risk Management: Conduct risk assessments on HDR's IAM systems to identify vulnerabilities and provide solutions for improvement. This includes addressing risks throughout the entire identity lifecycle.

*Budget and Resource Management: Work with the Cybersecurity Director in managing the IAM program budgets and resource allocation; build business cases for new tools and initiatives.

*Team Leadership: Lead, mentor, and manage a team of IAM professionals. This includes setting performance goals, conducting reviews, and fostering a culture of security and operational excellence.

*Cross-Functional Collaboration: Partner with IT, HR, Legal, and business units to align IAM solutions with organizational needs and maintaining a strong security posture.

*Vendor and Technology Management: Evaluate and manage IAM technology vendors; stay current with emerging trends such as Zero Trust, passwordless authentication, and identity orchestration.

Technical & Operational Responsibilities

*Identity Lifecycle Management: Oversee the full identity lifecycle for all users (employees, contractors, and partners) from onboarding and provisioning to access reviews and offboarding.

*Access Control: Implement and maintain Role-Based Access Controls (RBAC) and Attribute-Based Access Control (ABAC) models to enforce Least Privilege and Zero Trust principles.

*Authentication & Authorization: Work with other IT groups in helping manage and enhance authentication mechanisms, such as Multi-Factor Authentication (MFA), Single Sign-On (SSO), and Privileged Access Management (PAM).

*System Administration: Oversee the administration and maintenance of IAM systems and applications, including directory services (e.g., Active Directory, LDAP), identity governance platforms, and privileged identity management (PIM) tools.

*Auditing and Compliance: Plan and execute regular audits of user access, security groups, and privileged accounts to ensure compliance with policies and regulations. Respond to internal and external audit findings and implement remediation plans.

*Incident Response: Serve as escalation point for IAM-related incidents; lead investigations and remediation; recommend corrective actions to prevent future incidents.

*Project Management: Lead IAM projects, including technology deployments, upgrades, and integrations.

*Reporting and Metrics: Track and report IAM program performance metrics to senior leadership.

Preferred Qualifications

*Minimum 5 years of experience in IAM, including governance, risk management, and enterprise IAM platforms.

*Strong knowledge of IAM technologies (SailPoint, Entra ID, AWS IAM) and federation protocols (OAuth, SAML, OpenID).

*Proven leadership experience managing teams and IAM programs in large environments.

*Experience with Zero Trust, passwordless authentication, and identity orchestration.

*Project management experience and familiarity with ITIL practices.

*Experience with security incident response and management processes.

*Certified Identity and Access Manager (CIAM) - Identity Management Institute.

*IAM certifications (e.g., Microsoft, Okta, AWS, Google).

#LI-KV1