placement.solutions

Senior Manager, Identity & Access Management

Simpson Thacher
New York, NY
The Senior Manager, Identity & Access Management (IAM) is responsible for defining and advancing the Firm’s enterprise IAM strategy to protect access to systems, applications, and data. This role provides IAM strategy, governance, and risk oversight, partnering closely with global IT teams, HR, and business stakeholders. The ideal candidate is a hands-on technical leader with strong technical depth and proven delivery experience, able to translate security and compliance requirements into scalable, business-aligned IAM capabilities while enabling secure business operations. The person in this role must be detail-oriented with the ability to adapt rapidly to new challenges, think creatively and holistically, and quickly resolve unforeseen issues.

Essential Job Duties & Responsibilities

Develop and execute the firm’s IAM strategy and roadmap aligned with enterprise security objectives, business priorities, and client requirements.

Establish and enforce identity governance and access management standards, including role-based access control (RBAC), least privilege, segregation of duties (SoD), and periodic access certifications, ensuring consistent adoption across the firm.

Define, maintain, and operationalize IAM policies, standards, procedures, and reference architectures to support consistent, auditable, and scalable access management practices.

Partner with technology risk and client assurance teams to support internal and external assessments and drive remediation of IAM-related findings.

Define security requirements and governance standards for IAM technologies and platforms, including Active Directory, Entra ID (Azure AD), SAML/SSO, MFA, PAM, and cloud-based IAM services.

Partner with Infrastructure and Application teams to support the secure implementation and ongoing operation of IAM controls across on-premises, cloud, and SaaS environments.

Own the selection, configuration, and lifecycle management of identity-specific security platforms, including authentication, identity governance, and privileged access management solutions in alignment with enterprise architecture standards.

Serve as the technical authority and escalation point for identity security platforms, responsible for architecture decisions, advanced configuration, integrations, upgrades, and decommissioning.

Maintain deep, hands-on expertise in Active Directory, Entra ID (Azure AD), Windows Certificate Services (CA), and core identity protocols, including LDAP, Kerberos, SAML, OAuth, and OpenID Connect.

Design, implement, and operate privileged access controls, strong authentication policies, and identity governance workflows within security-owned IAM and PAM platforms.

Design and develop automation and tooling to support IAM processes such as joiner/mover/leaver workflows, access provisioning and deprovisioning, access reviews, privileged access elevation, and certificate lifecycle management.

Reduce manual effort and operational risk by identifying opportunities to s