Lead Director, Identity and Access Management
Listed on 2026-06-08
IT/Tech
Cybersecurity, Data Security
Position Summary
We're building a world of health around every individual - shaping a more connected, convenient and compassionate health experience. At CVS Health®, you'll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger - helping to simplify health care one person, one family and one community at a time.
The Director of Identity & Access Management (IAM) is a senior security and engineering leader responsible for building, leading, and sustaining the IAM function for a new CVS Health Venture. This role owns the end‑to‑end IAM program, including strategy, governance, engineering, and operations across a complex hybrid environment spanning Active Directory, Entra, GCP IAM, and Privileged Access Management. Operating in a greenfield environment, the Director will establish foundational identity models, access controls, and operating frameworks to deliver a secure, scalable, and audit‑ready IAM capability aligned with HIPAA, SOX, and enterprise security standards.
This leader is accountable for IAM as a business‑critical enterprise program, driving outcomes across security, compliance, and operational performance. The Director will lead and scale a high‑performing organization, establish clear governance and accountability across first and second lines of defense, and influence senior stakeholders on identity-related risk and priorities. This role will define the IAM roadmap, advance automation and lifecycle capabilities, and drive continuous improvement as the function matures into a critical enabler of growth and compliance.
Role Responsibilities
IAM Strategy, Governance & Execution
- Own and execute the enterprise IAM program strategy across the hybrid environment (Active Directory, Entra, GCP IAM, PAM).
- Define and enforce identity governance frameworks, including tiering models, access controls, and federation across AD, Entra, and GCP.
- Ensure IAM controls meet HIPAA, SOX, and enterprise security standards, partnering with audit, compliance, and legal teams.
- Serve as the primary IAM authority, guiding cross-functional decisions on identity risk, access governance, and control enforcement.
- Provide leadership oversight of identity platform design and configuration, including AD structure, group policy, and permission models.
- Ensure identity access is structured to prevent privilege creep through effective role design, inheritance control, and policy enforcement.
- Oversee Privileged Access Management (PAM), enforcing least privilege and eliminating persistent administrative access.
- Guide implementation of secure identity patterns (e.g., federation, service accounts, VPC Service Controls, emergency access).
- Own IAM operational performance, including KPIs, reporting, audit readiness, and service reliability.
- Establish and maintain runbooks, SOPs, and access lifecycle processes (joiner/mover/leaver).
- Oversee incident response, access escalations, and high-risk revocations, ensuring timely resolution and SLA adherence.
- Lead access reviews, remediation efforts, and continuous improvement of IAM maturity and control effectiveness.
- Ensure disaster recovery, business continuity, and resilience of identity platforms.
- Build and lead a high-performing IAM organization, including hiring, structure, and capability development across engineering and operations.
- Establish clear operating models, accountability, and governance across first and second lines of defense.
- Provide executive-level reporting and communication on IAM risks, performance, and maturity.
- Drive automation of identity lifecycle management, provisioning, certification, and compliance reporting.
- Own the IAM roadmap, aligning technology investments with business growth and regulatory requirements.
- Evaluate and implement emerging IAM and PAM technologies to enhance scalability, efficiency, and security posture.
- 10+…