Senior Manager, Identity & Access Management

The Senior Manager, Identity and Access Management (IAM) will build and lead the enterprise IAM program that protects AHEAD’s people, systems, and data by ensuring the right identities have the right access at the right time. This leader will own the IAM strategy, roadmap, and day‑to‑day operations across workforce identities, privileged access, and application access management.

The ideal candidate has deep expertise in modern identity platforms and patterns (SSO, MFA, lifecycle automation, role‑based access control, just‑in‑time access), as well as proven experience managing security programs and high‑performing technical teams. This individual will partner closely with Technology Operations, Security Engineering, Application Engineering, People & Culture, and Managed Services to embed identity as a foundational control across the enterprise.

• Set the enterprise IAM strategy, standards, and roadmap, aligned to AHEAD’s growth, risk appetite, and technology direction.
• Own the identity lifecycle (joiner/mover/leaver) across employees, contractors, and partners, including automation with HRIS and directory systems.
• Lead the design, implementation, and operation of single sign‑on (SSO), multi‑factor authentication (MFA), and conditional access policies across cloud and on‑premises applications.
• Oversee privileged access management (PAM) for administrative accounts, including just‑in‑time elevation, session monitoring, and credential vaulting.
• Build and operate access request, approval, and fulfillment workflows, ensuring a positive end‑user experience with clear SLAs and auditable controls.
• Lead recurring access reviews and certifications for critical applications, infrastructure, and data sets in coordination with business and control owners.
• Partner with Engineering and Operations to integrate IAM signals (logins, anomalies, policy violations) into monitoring, detection, and incident response workflows.
• Collaborate with Governance, Risk & Compliance to ensure IAM controls support ISO 27001, SOC 2, NIST, and privacy requirements and are evidenced for audits and customer assessments.
• Own application onboarding into the IAM ecosystem, including standards for authentication (SAML/OIDC/OAuth), authorization, and account provisioning.
• Drive zero trust and identity‑centric security practices, ensuring identity becomes the primary perimeter for workforce and partners.
• Manage IAM vendors and service providers, including contracts, service levels, roadmaps, and cost optimization.
• Develop and maintain IAM policies, standards, and playbooks, and deliver training to technical and non‑technical stakeholders.
• Monitor and respond to identity‑related incidents, including account compromise, abuse of privilege, and access misconfiguration; lead root cause analysis and remediation.
• Track and report KPIs and KRIs (e.g., MFA coverage, SSO adoption, time‑to‑provision, access review completion) and brief leadership on risk posture and investment needs.
• Recruit, develop, and mentor a high‑performing team, fostering a culture of accountability, collaboration, and continuous improvement.

• Bachelor’s degree or equivalent experience.
• 10 or more years of experience in Technology or Information Security, with at least 5 years in a leadership role.
• One or more security certifications such as CISSP, CRISC, CISA, CISM, CIPP/US, PCI QSA, or ISO 27001 Lead Auditor is required.
• Advanced understanding of enterprise identity platforms such as Okta, Azure AD / Entra , and related technologies (SSO, MFA, federation, conditional access, SCIM).
• Hands on experience working in a ISO/IEC- or NIST-based security program.
• Hands‑on experience designing and operating IAM architectures in hybrid and multi‑cloud environments (AWS, Azure, GCP).
• Demonstrated experience with role engineering, access modeling, and access review programs, including tooling for identity governance and administration (IGA).
• Excellent communication and interpersonal skills, with the ability to articulate complex security concepts to a non‑technical audience.
• Strong leadership skills and the ability to manage multiple projects and priorities
• Highly organized and ability to work independently.

• Ability to safely and successfully perform the essential job functions consistent with the ADA, FMLA and other federal, state and local standards, including meeting qualitative and/or quantitative productivity standards.
• Ability to maintain regular, punctual attendance consistent with the ADA, FMLA and other federal, state, and local standards.

$170,000 - $200,000 a year