Identity and Access Management Program Lead

Identity and Access Management Program Lead

This is a critical and high-impact role within our Information Security organization. It is ideal for an identity security professional ready to shape the future of enterprise-wide access at a leading financial services firm. As the IAM Program Lead, you will play a transformational role in building an enterprise-wide IAM program that directly influences cyber risk reduction, technology modernization, and Zero Trust adoption.

Key opportunities:

• Own and build a next-generation IAM program with strong leadership backing and multi-year investment.
• Lead a strategic transformation including IGA modernization, PAM evolution, advanced authentication, and identity governance maturity.
• Drive an AI‑assisted identity lifecycle, enabling frictionless access with strong security controls.
• Work cross‑functionally with cybersecurity leadership, technology teams, HR, Audit, and business partners.
• Grow and lead a team as the identity program expands into a Center of Excellence.

The IAM Program Lead is responsible for developing, implementing, and maturing the firm’s enterprise‑wide Identity and Access Management program. This leader will define the future‑state identity vision, oversee daily operations, modernize identity technologies, and ensure that IAM capabilities align with regulatory expectations and business needs. Reporting to the Co‑Chief Information Security Officer, the IAM Program Lead will shape strategy, own IAM platforms, and play a visible role advising technology and business leaders on identity security best practices.

• Define and drive the multi‑year IAM strategy, roadmap, and maturity model.
• Lead modernization initiatives, including passwordless authentication, role‑based/attribute‑based access controls, and entitlements governance.
• Serve as the primary advisor to leadership on identity security trends, risks, and future‑state direction.

• Oversee the development of an IAM Center of Excellence as the program scales.
• Lead and mentor IAM analysts and practitioners, fostering team growth and professional development.
• Communicate program performance, risks, and achievements to executive leadership and governance committees.

• Oversee end‑to‑end identity lifecycle processes: provisioning, deprovisioning, access requests, reviews, and exceptions.
• Ensure consistent, secure application of identity standards across the enterprise.
• Partner with Cybersecurity Operations on identity‑related incidents, access anomalies, and behavior analytics investigations.

• Partner with HR, Technology, Cybersecurity, and Business Units to align identity services with enterprise priorities.
• Lead awareness initiatives that improve identity hygiene and secure access practices across the firm.
• Act as a key influencer driving adoption of IAM best practices, policies, and controls.

• Bachelor’s degree and 6–8 years of experience in IAM, cybersecurity, or IT security disciplines.
• Experience in financial services, insurance, pharmaceutical or other highly regulated environments.
• 3–5+ years of leadership or program management experience within identity security.
• Expertise in identity lifecycle management, identity governance, authentication, directory services, and Zero Trust principles.
• Experience with major IGA and PAM platforms (e.g., SailPoint, Saviynt, Okta, Azure AD, Delinea, Cyber Ark).
• Experience managing identity integrations across cloud, hybrid, and on‑premises environments.
• Familiarity with AI‑assisted IAM workflows, behavioral analytics, and modern identity orchestration tools.
• Strong communication, presentation, and stakeholder management skills; ability to engage technical and non‑technical partners.
• Demonstrated success leading cross‑functional IAM initiatives and improving identity program maturity.

• Professional certifications such as CISSP, CISM, GIAC, or vendor‑specific identity certifications.
• Knowledge of regulatory frameworks including SOX, GLBA, NYDFS, NIST CSF, and ISO 27001.
• Experience with cloud identity (Azure, AWS, GCP), federation…