IAM Lead – Sr. IAM OpsSailPoint Lead

Position: IAM Lead Sr. IAM Ops/SailPoint Lead

Location: Juno Beach FL

Contract: 12 months (potential for extension)

Interview Process: 1 2 rounds (1st round - virtual and in person set up in the 2nd round)

We have an immediate opening for an IAM Lead (Operations/Support) role based onsite in Juno Beach FL. Were looking for a senior professional with deep IAM operations experience strong leadership skills and solid hands-on technical knowledge across cloud and on-prem environments.

Please note this is fully onsite and were only considering local or nearby candidates (no relocation).

Required Skills and Experience:

• Education: Bachelors in Computer Science Information Systems Cybersecurity or related field (equivalent experience accepted).
• Experience: 8 years in IAM with at least 3 years leading operations/support teams in large regulated enterprises.
• Platforms: SailPoint Identity Security Cloud (IdentityNow/IIQ) Azure AD/Active Directory One Identity Safeguard (PAM Safeguard for Sudo Safeguard Authentication Services) SSO/MFA; LDAP/Kerberos SAML/OIDC/OAuth2 SCIM PKI.
• HRIS Integrations: SAP SuccessFactors and SAP Fieldglass for identity lifecycle.
• Systems: Windows Linux and macOS identity integration at enterprise scale.
• ITIL/SRE: Major incident management SLAs/SLOs problem/change management observability.
• Automation: PowerShell Python scripting API orchestration configuration-as-code CI/CD practices.
• Compliance: SOX and NERC-CIP controls and audit readiness.
• Communication: Strong executive and technical communication concise incident reporting and stakeholder management.

Preferred Qualifications:

• Certifications: CISSP CISM ITIL v4 Microsoft Entra/Azure Administrator SailPoint One Identity Safeguard; SAFe certification is a plus.
• Cloud: AWS/Azure/GCP IAM fundamentals secrets management conditional access and identity threat detection.
• Tooling: SIEM/SOAR Splunk/Elastic Prometheus/Grafana/Datadog ServiceNow ITSM/CMDB.
• Delivery: UAT/regression suites for IAM changes PI Planning Agile release trains.

• Lead Operations/Support for Identity & Access Management (IAM) tools and processes. The IAM Operations & Support Leader owns the reliability security and compliance of enterprise identity services across on prem and cloud environments. This role leads 24x7 service delivery for identity governance and administration and privileged access ensuring resilient operations excellent user experience and audit-ready controls. The leader manages a multidisciplinary team and vendor partners drives automation and continuous improvement and aligns service outcomes to business SOX and NERC CIP requirements.
• Scale: Enterprise Windows Enterprise Linux hybrid AD/Azure AD SailPoint Identity Security Cloud One Identity Safeguard (including Safeguard for Sudo and Safeguard Authentication Services) SSO/MFA HRIS integrations (SAP SuccessFactors SAP Fieldglass) CyberArk Privileged Access Management.
• Coverage: 24x7 operations global user base regulated utility environment.
• Essential Duties and Responsibilities
• Service Ownership and Strategy
  • 1.1 Define the IAM operations strategy service catalog SLAs/SLOs/SLIs and operational roadmaps aligned to business risk and compliance goals.
  • 1.2 Establish SRE-aligned practices for availability performance capacity and resilience including error budgets and reliability targets.
  • 1.3 Maintain the end-to-end service architecture and dependency maps for identity SSO/MFA PAM and provisioning services.
• Operations and Service Delivery
  • 2.1 Lead day-to-day operations for AD/Azure AD SailPoint ISC SSO/MFA PAM Linux/macos directory integrations and identity data pipelines.
  • 2.2 Build and manage a tiered L1/L2/L3 support model on-call rotations runbooks KB articles and self-service tooling.
  • 2.3 Drive monitoring/alerting event correlation and proactive problem detection using SIEM/observability platforms.
• Incident Problem and Change Management (ITIL)
  • 3.1 Serve as Major Incident Commander for IAM incidents; reduce MTTR via automation diagnostics and clear escalation paths.
  • 3.2 Run formal problem management RCAs post-incident reviews and corrective action tracking.
  • 3.3 Govern changes through CAB/ECAB maintenance windows and release calendars; optimize change success rate.
• Platform Administration and Reliability Engineering
  • 4.1 Ensure healthy operations of SailPoint Identity Security Cloud (connectors provisioning jobs access certifications) Azure AD/AD (sync domain controllers GPOs) and One Identity Safeguard (PAM vaults session mgmt Sudo SAS for Linux/macOS).
  • 4.2 Oversee upgrades patching capacity planning HA/DR backups and configuration baselines; validate failover and recovery procedures.
  • 4.3 Manage API usage throttling and integration resiliency with HRIS ITSM SIEM/SOAR and application endpoints.
• Identity Lifecycle and Provisioning
  • 5.1 Operate joiner mover leaver processes sourced from SAP SuccessFactors/Fieldglass including role/birthright access and approvals.
  • 5.2 Ensure accurate timely provisioning/deprovisioning to directories SaaS and on prem apps; remediate orphaned accounts and access drift.
  • 5.3 Govern AD group and entitlement hygiene bulk UID creation and mapping and automated GID/role assignments at scale.
• Privileged Access Management (PAM) and Unix/macOS Controls
  • 6.1 Enforce vaulting rotation session recording and JIT elevation via One Identity Safeguard; expand coverage and remove standing privilege.
  • 6.2 Standardize and audit sudoers policies and Safeguard Authentication Services across Linux/macOS fleets; centralize policy distribution and logs.
  • 6.3 Integrate PAM telemetry with SIEM; drive least privilege and break-glass controls with continuous testing.
• Security Risk and Compliance
  • 7.1 Maintain controls for SOX NERC CIP NIST 800 53/63 and IAM best practices; keep services audit ready with evidence automation.
  • 7.2 Support access certifications entitlement reviews SoD/toxic combination policies and quarterly control attestations.
  • 7.3 Partner with security and audit teams on risk assessments control testing and remediation tracking.
• Automation and Continuous Improvement
  • 8.1 Implement policy as code and configuration as code for IAM platforms; leverage CI/CD for safe repeatable changes.
  • 8.2 Automate monitoring provisioning workflows connector health checks and evidence collection via APIs PowerShell/Python and orchestration tools.
  • 8.3 Lead guided automated deployments UAT frameworks regression testing and performance baselining.
• Stakeholder Engagement and Communications
  • 9.1 Publish service health dashboards KPI reports (availability MTTR SLA attainment certification completion) and executive briefings.
  • 9.2 Coordinate with Security HR IT Ops and application owners on priorities readiness and release plans.
  • 9.3 Manage service intake and expectations; escalate risks and trade-offs clearly with recommended actions.
• Business Continuity and Resilience
  • 10.1 Maintain DR/MCBP plans recovery runbooks and cyber recovery posture for identity services.
  • 10.2 Conduct exercises (tabletops failovers chaos drills) and close gaps proactively.
  • 10.3 Ensure privileged recovery capabilities and offline procedures are tested and documented.
• Qualifications
• Required Skills and Experience
• Education: Bachelors in Computer Science Information Systems Cybersecurity or related field; equivalent experience considered.
• Experience: 8 years in IAM with 3 years leading operations/support teams in large regulated enterprises.
• Platforms: SailPoint Identity Security Cloud (or IdentityNow/IIQ) Azure AD/Active Directory One Identity Safeguard (PAM Safeguard for Sudo Safeguard Authentication Services) SSO/MFA; LDAP/Kerberos SAML/OIDC/OAuth2 SCIM PKI.
• HRIS Integrations: Operating identity lifecycle fed by SAP SuccessFactors and SAP Fieldglass.
• Systems: Enterprise Windows Linux and macOS identity integration at scale.
• ITIL/SRE: Major incident leadership problem/change management SLAs/SLOs observability capacity and performance management.
• Automation: Strong scripting (PowerShell Python) API orchestration configuration as code and CI/CD practices.
• Compliance: Demonstrated success maintaining SOX and NERC CIP controls and passing audits.
• Communication: Clear executive and technical communication concise incident updates and stakeholder management.
• Preferred Qualifications
• Certifications: CISSP CISM ITIL v4 Microsoft Entra/Azure Administrator SailPoint One Identity Safeguard; SAFe certifications a plus.
• Cloud: AWS/Azure/GCP IAM fundamentals secrets management conditional access and identity threat detection.
• Tooling: Experience with SIEM/SOAR Splunk/Elastic Prometheus/Grafana/Datadog ServiceNow ITSM/CMDB.
• Delivery: Experience running UAT/regression suites for IAM changes; familiarity with PI Planning and Agile release trains.
• Core Competencies and Attributes
• Security first and reliability obsessed mindset with strong customer empathy.
• Ownership and bias for action; calm decisive incident leadership.
• Strategic and operational balance; data driven and metrics focused.
• Collaborative diplomatic and effective at influencing across teams and vendors.
• Work Conditions
• Participation in on call rotation and off hours maintenance windows as needed; occasional travel for team vendor or audit engagements.
• Key Success Metrics
• Service availability/SLO attainment MTTR and incident volume trend change success rate provisioning SLA compliance certification completion on time privileged account coverage and policy adherence audit findings reduced/cleared automation coverage and toil reduction.