Head of Identity and Access Management (IAM)Type: Permanent
Location: Hybrid (3 days per week onsite in Manchester)
Salary: Competitive base salary & strong overall benefits package
Job SummaryThe Head of IAM is a key leadership role responsible for developing and executing a comprehensive Identity and Access Management (IAM) strategy.
This includes overseeing the design, implementation, and operations of IAM solutions to ensure they align with the organization's cybersecurity and business goals.
The position involves building and leading a specialized IAM team, collaborating with external systems integrators and managed service providers, and ensuring the delivery of scalable and cost-effective IAM capabilities.
Key Responsibilities1.
Leadership and GovernanceProvide strategic oversight for IAM initiatives, including design, implementation, and operations.Drive IAM strategies that align with cybersecurity and business objectives while supporting broader organizational goals.Build and lead a team of IAM specialists focused on application onboarding, access governance, and operational processes such as access reviews and recertifications.Develop and enforce robust IAM governance frameworks, policies, and standards.Act as a subject-matter expert, offering guidance to stakeholders across the organization.2.
Design and ImplementationArchitect IAM solutions to address identity governance, privileged access management (PAM), single sign-on (SSO), and multi-factor authentication (MFA) requirements.Partner with systems integrators and IT teams to ensure the seamless implementation of IAM technologies.Optimize IAM operations in collaboration with managed service providers, focusing on efficiency, cost-effectiveness, and service level agreement (SLA) compliance.Standardize processes for provisioning, deprovisioning, recertification, and privileged access management across critical systems.3.
Team Building and LeadershipRecruit, develop, and lead a high-performing IAM team.Promote a culture of collaboration, innovation, and continuous improvement within the team.Drive initiatives to identify and mitigate identity-related risks, streamline processes, and enhance service delivery across business units.4.
Risk and Compliance ManagementEnsure IAM practices adhere to regulatory standards, including GDPR, PCI-DSS, and internal governance frameworks.Implement controls to manage third-party access risks and protect sensitive systems and data.Continuously evaluate and mitigate identity-related risks through robust IAM technologies and processes.5.
Cross-Functional CollaborationAct as the primary liaison between IT, InfoSec, and business leaders to ensure IAM initiatives align with both security requirements and business priorities.Support digital transformation efforts by embedding IAM into secure-by-design initiatives to minimize post-deployment remediation.6.
Technology and Vendor ManagementLead vendor relationships, ensuring partnerships with systems integrators and service providers deliver scalable, cost-effective IAM solutions.Oversee the deployment and optimization of IAM technologies (e.g., SailPoint, CyberArk, Azure AD).Ensure vendor performance aligns with timelines, budgets, and organizational security standards.7.
Metrics and Performance ManagementDefine and track key IAM metrics to measure operational efficiency, security effectiveness, and user satisfaction.Provide regular reports to senior leadership on IAM performance and alignment with strategic objectives.Drive continuous improvement in IAM processes, focusing on security resilience, user experience, and operational efficiency.Essential Skills & ExperienceLeadership: Proven track record of leading IAM teams and managing end-to-end IAM initiatives in a large, multi-national organization.Technical Expertise: In-depth knowledge of IAM technologies (e.g., SailPoint, CyberArk, Azure AD, MFA) and experience integrating them with cloud and on-premise environments.Strategic Thinking: Experience in aligning IAM strategies with organizational goals and risk management frameworks.Vendor Management: Expertise in collaborating with systems integrators and managed service providers.Risk Management: Proficiency in managing risks related to privileged access, third-party access, and regulatory compliance (e.g., GDPR, PCI-DSS).Collaboration: Strong interpersonal skills with a proven ability to bridge gaps between IT, InfoSec, and business units.Desirable SkillsExperience with cloud-based IAM platforms (e.g., Azure, AWS) and knowledge of DevSecOps practices.Familiarity with Agile and ITIL frameworks to enhance IAM efficiency.Relevant certifications (e.g., CISSP, CISM, CRISC).KPIs and Success MetricsReduction in identity-related security incidents.Enhanced efficiency and user satisfaction with IAM solutions such as SSO and MFA.Cost-effective IAM operations through optimized vendor partnerships.Improved governance frameworks and seamless collaboration between IT and InfoSec teams.Education & QualificationsBachelor's degree in Computer Science, Information Security, or a related field.8+ years of experience in IAM, cybersecurity, or technology leadership roles.Preferred certifications: CISSP, CRISC, CISM, or equivalent.
#J-18808-Ljbffr