Head of Identity and Access Management (IAM) Type: Permanent Location: Hybrid (3 days per week onsite in Manchester Salary: Competitive base salary & strong overall benefits package Job Summary The Head of IAM is a key leadership role responsible for developing and executing a comprehensive Identity and Access Management (IAM) strategy.
This includes overseeing the design, implementation, and operations of IAM solutions to ensure they align with the organization's cybersecurity and business goals.
The position involves building and leading a specialized IAM team, collaborating with external systems integrators and managed service providers, and ensuring the delivery of scalable and cost-effective IAM capabilities.
Key Responsibilities 1.
Leadership and Governance Provide strategic oversight for IAM initiatives, including design, implementation, and operations.
Drive IAM strategies that align with cybersecurity and business objectives while supporting broader organizational goals.
Build and lead a team of IAM specialists focused on application onboarding, access governance, and operational processes such as access reviews and recertifications.
Develop and enforce robust IAM governance frameworks, policies, and standards.
Act as a subject-matter expert, offering guidance to stakeholders across the organization.
2.
Design and Implementation Architect IAM solutions to address identity governance, privileged access management (PAM), single sign-on (SSO), and multi-factor authentication (MFA) requirements.
Partner with systems integrators and IT teams to ensure the seamless implementation of IAM technologies.
Optimize IAM operations in collaboration with managed service providers, focusing on efficiency, cost-effectiveness, and service level agreement (SLA) compliance.
Standardize processes for provisioning, deprovisioning, recertification, and privileged access management across critical systems.
3.
Team Building and Leadership Recruit, develop, and lead a high-performing IAM team.
Promote a culture of collaboration, innovation, and continuous improvement within the team.
Drive initiatives to identify and mitigate identity-related risks, streamline processes, and enhance service delivery across business units.
4.
Risk and Compliance Management Ensure IAM practices adhere to regulatory standards, including GDPR, PCI-DSS, and internal governance frameworks.
Implement controls to manage third-party access risks and protect sensitive systems and data.
Continuously evaluate and mitigate identity-related risks through robust IAM technologies and processes.
5.
Cross-Functional Collaboration Act as the primary liaison between IT, InfoSec, and business leaders to ensure IAM initiatives align with both security requirements and business priorities.
Support digital transformation efforts by embedding IAM into secure-by-design initiatives to minimize post-deployment remediation.
6.
Technology and Vendor Management Lead vendor relationships, ensuring partnerships with systems integrators and service providers deliver scalable, cost-effective IAM solutions.
Oversee the deployment and optimization of IAM technologies (e.g., SailPoint, CyberArk, Azure AD).
Ensure vendor performance aligns with timelines, budgets, and organizational security standards.
7.
Metrics and Performance Management Define and track key IAM metrics to measure operational efficiency, security effectiveness, and user satisfaction.
Provide regular reports to senior leadership on IAM performance and alignment with strategic objectives.
Drive continuous improvement in IAM processes, focusing on security resilience, user experience, and operational efficiency.
Essential Skills & Experience Leadership: Proven track record of leading IAM teams and managing end-to-end IAM initiatives in a large, multi-national organization.
Technical Expertise: In-depth knowledge of IAM technologies (e.g., SailPoint, CyberArk, Azure AD, MFA) and experience integrating them with cloud and on-premise environments.
Strategic Thinking: Experience in aligning IAM strategies with organizational goals and risk management frameworks.
Vendor Management: Expertise in collaborating with systems integrators and managed service providers.
Risk Management: Proficiency in managing risks related to privileged access, third-party access, and regulatory compliance (e.g., GDPR, PCI-DSS).
Collaboration: Strong interpersonal skills with a proven ability to bridge gaps between IT, InfoSec, and business units.
Desirable Skills Experience with cloud-based IAM platforms (e.g., Azure, AWS) and knowledge of DevSecOps practices.
Familiarity with Agile and ITIL frameworks to enhance IAM efficiency.
Relevant certifications (e.g., CISSP, CISM, CRISC).
KPIs and Success Metrics Reduction in identity-related security incidents.
Enhanced efficiency and user satisfaction with IAM solutions such as SSO and MFA.
Cost-effective IAM operations through optimized vendor partnerships.
Improved governance frameworks and seamless collaboration between IT and InfoSec teams.
Education & Qualifications Bachelor's degree in Computer Science, Information Security, or a related field.
8+ years of experience in IAM, cybersecurity, or technology leadership roles.
Preferred certifications: CISSP, CRISC, CISM, or equivalent.