Identity and Access Management (IAM) Manager

Full Job Description

About the job

Each and every role throughout our organization makes a difference in our ability to change the world for the better. Read further to learn how you could help make great things possible not only in your community, but around the world.

The Identity and Access Management (IAM) Manager is a key leadership role responsible for the strategic direction, implementation, and management of HDR’s IAM program to protect critical systems and data. Reporting to the Director of Cybersecurity, this position leads a team of IAM professionals and oversees the full identity lifecycle, including provisioning, access governance, and deprovisioning. The IAM Manager will develop and enforce policies, implement modern IAM technologies, and ensure compliance with security and regulatory standards.

This role requires a blend of technical expertise, strong leadership, and the ability to drive innovation in identity-centric security areas, while collaborating closely with cross-functional teams to ensure secure, efficient, and compliant access to systems and data across the organization.

Strategic & Leadership Responsibilities

Program Ownership and Strategy: Own the overall IAM program, including developing, implementing, and maintaining a long-term IAM strategy that aligns with HDR’s security goals and business objectives.
Policy and Governance: Define, enforce, and regularly review IAM policies, standards, and procedures, ensuring they comply with internal and external regulations, working closely with the Governance, Risk and Compliance Manager.
Risk Management: Conduct risk assessments on HDR’s IAM systems to identify vulnerabilities and provide solutions for improvement. This includes addressing risks throughout the entire identity lifecycle.
Budget and Resource Management: Work with the Cybersecurity Director in managing the IAM program budgets and resource allocation; build business cases for new tools and initiatives.
Team Leadership: Lead, mentor, and manage a team of IAM professionals. This includes setting performance goals, conducting reviews, and fostering a culture of security and operational excellence.
Authentication & Authorization: Work with other IT groups in helping manage and enhance authentication mechanisms, such as Multi-Factor Authentication (MFA), Single Sign-On (SSO), and Privileged Access Management (PAM).
Cross-Functional Collaboration: Partner with IT, HR, Legal, and business units to align IAM solutions with organizational needs and maintaining a strong security posture.
Vendor and Technology Management: Evaluate and manage IAM technology vendors; stay current with emerging trends such as Zero Trust, passwordless authentication, and identity orchestration.

Technical & Operational Responsibilities

Identity Lifecycle Management: Oversee the full identity lifecycle for all users (employees, contractors, and partners) from onboarding and provisioning to access reviews and offboarding.
Auditing and Compliance: Plan and execute regular audits of user access, security groups, and privileged accounts to ensure compliance with policies and regulations. Respond to internal and external audit findings and implement remediation plans.
Incident Response: Serve as escalation point for IAM-related incidents; lead investigations and remediation; recommend corrective actions to prevent future incidents.
Project Management: Lead IAM projects, including technology deployments, upgrades, and integrations.
Reporting and Metrics: Track and report IAM program performance metrics to senior leadership.

Preferred Qualifications

Minimum 3 years of proven leadership experience managing teams and IAM programs in large environments.
Minimum 5 years of experience in IAM, including governance, risk management, and enterprise IAM platforms.
Strong knowledge of IAM technologies (SailPoint, Entra ID, AWS IAM) and federation protocols (OAuth, SAML, OpenID).
Experience with Zero Trust, passwordless authentication, and identity orchestration.
Project management experience and familiarity with ITIL practices.
Experience with security incident response and management processes.
Certified Identity and Access Manager (CIAM) – Identity Management Institute.
IAM certifications (e.g., Microsoft, Okta, AWS, Google).

Required Qualifications

Bachelor's degree in Business, IT or Management
A minimum of 7 years of experience with at least 5 years of project management experience
Experience leading large teams in a matrix management environment
Program management experience leading large programs that involve significant business change
Demonstrated track record of establishing priorities and meeting deadlines
Experience developing and managing program budgets
Knowledge of business case development including cost/benefit analysis, NPV, current and future state assessments.