Job Description
As a UW employee, you have a unique opportunity to change lives on our campuses, in our state and around the world. UW employees offer their boundless energy, creative problem-solving skills and dedication to build stronger minds and a healthier world. By being deeply invested in our work, showing compassion in our interactions and embodying the spirit of a team player, each member contributes to a thriving community. UW is committed to attracting and retaining a diverse staff; your experiences, perspectives and unique identities will be honored at the University of Washington. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable and welcoming.
The University of Washington is at the forefront of leveraging cutting-edge technologies to transform education, research and healthcare. UW Information Technology (UW-IT) is the central IT organization for the University of Washington, collaborating with partners across the University community to advance teaching, learning, innovation and discovery. UW-IT delivers critical IT services and support to all three campuses, UW medical centers and global research operations. Innovation and discovery are at the heart of what UW-IT does and drive the work in advancing the University of Washington's role and mission.
We are seeking an innovative and experienced Director of Identity and Access Management (IAM) to lead the development and execution of a comprehensive IAM strategy across the University. This role serves as a Subject Matter Expert (SME) and leads the team responsible for all engineering and operational aspects of identity and access management, including authentication and authorization, access control and identity governance stewardship, ensuring secure and seamless access to systems, data and applications.
This position reports to the Chief Information Security Officer (CISO) and Associate Vice President of Information Security (IS) division and will work closely with other IT leadership and teams across three campuses and UW Medicine, as well as vendors such as Microsoft, Workday, ServiceNow, etc., to design and operate an identity and access solution that supports the University's mission.
This position requires extensive and deep expertise in IAM technologies and the ability to lead strategic initiatives to modernize and strengthen identity and access technologies and practices. A broad understanding of complex and diverse University privacy and identity needs is required to assess, design, build, deliver and support IAM services that ensure the security, compliance and user experience are optimized while mitigating risks associated with unauthorized access and identity theft. This position must stay informed of new technologies and respond to vulnerabilities in a constantly evolving landscape.
The individual in this position must be a knowledgeable, articulate and persuasive leader who can communicate information technology security- and privacy-related concepts and issues to a broad range of technical and non-technical staff, including the senior management team and executives. The nature of this position may require the Director to quickly escalate issues to management or leadership to protect critical university information. This person will handle matters of utmost sensitivity with regard to potential incidents that may impact UW campuses and UW Medicine, as well as Human Resources actions into misconduct that require absolute confidentiality and integrity.
This position will apply a business customer perspective to work with constituents to negotiate best approaches and priorities, and lead complex technology innovation efforts involving multiple organizations, end user groups and technical teams.
This position exercises substantial discretion, independent judgment and decision-making authority in applying the responsibilities called for. Responsibilities are to be carried out at a high level of technical expertise, collaborating with senior leadership, stakeholders and technical and business operations teams to successfully develop, implement and manage within areas of responsibility.
This position may provide access to restricted or confidential information, including employee and patient information, financial information or other sensitive information. The incumbent should access and use this sensitive information to perform job responsibilities and duties and only for authorized purposes.
IAM is at the very core of the University activities and is a critical component for FERPA, HIPAA and numerous other administrative functions such as human resources, facilities, purchasing, research, grants, contracts and legal affairs. As more technological solutions become available in the marketplace, this person needs to ensure that the University's interests with respect to identity and access are properly vetted before new solutions are deployed.
For each member of the UW community, there are layers of authorization depending on that member's relationship with the University (faculty, student, staff, clinical worker, doctor, collaborator, vendor, etc.), their responsibilities and the tools they must use to participate in their UW role. These needs are managed through the IAM Business Service. As such, this Director is responsible not only for UW-IT's delivery of IAM services but also for advising many University divisions (e.g., Student Service, Graduate School, Purchasing, College of Arts and Sciences, etc.) on an appropriate, robust IAM solution that will meet the University's diverse functional needs in an increasingly expanding and complex technological environment.
This position is also responsible for driving UW's IAM interests in the national Research & Education environment to help UW retain its leadership and collaborative role in research, teaching and learning, healthcare and community service.
While this Director operates within the UW-IT division, they are also expected to be a leader and manage relationships with multiple campus departments, UW Medicine, within forums of their national peers and with UW's varied strategic partners.
Position Responsibilities:
Strategy and Leadership (30%)
Develop and lead the University's IAM strategy to modernize and strengthen identity and access practices, ensuring it aligns with business goals, security requirements and emerging technologies.
Facilitate the development and execution of strategic roadmaps and distributed IAM architecture to support critical services, updating priorities and identifying resource requirements.
Participate in groups and committees to represent IAM both as an enterprise shared service and critical partner for other enterprise initiatives, projects and business stakeholders.
Act as an expert resource for engineers and analysts working on complex technical issues spanning all information technologies for the university.
Embed Zero Trust principles into the University's IAM strategy, ensuring continuous verification of users and devices.
Oversee the architecture and deployment of scalable, secure and flexible identity solutions that support cloud, on-premises and hybrid environments, and ensure that identity and access management tools and practices are aligned with overall security architecture.
Lead initiatives to integrate security-by-design principles into identity systems and processes, ensuring that security is considered at every stage of development.
Collaborate with cross-functional teams to integrate identity and access management (IAM) systems with other cybersecurity and business systems to enhance user experience and security.
Conduct reporting to ensure visibility for leadership, institutional affiliates, stakeholders and customers. Regularly review and evaluate data to provide awareness, analysis, planning, set service expectations and improve performance.
IAM Program and Operations Management (35%)
Lead the end-to-end management of the IAM program, including identity lifecycle management, authentication, authorization and access control mechanisms.
Ensure effective identity governance through role-based access controls (RBAC), least privilege principles and just-in-time (JIT) access strategies.
Manage and optimize the University's IAM tools and platforms such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM) and Identity Governance and Administration (IGA).
Implement, manage and optimize the Privileged Access Management (PAM) solutions to control, monitor and audit access to sensitive systems by privileged users.
Develop, implement and enforce access management policies, standards and procedures to ensure secure and compliant access to systems, applications and data.
Ensure compliance with regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS, SOX) related to identity management and data access.
Lead periodic audits of access controls and identity management processes, ensuring adherence to internal policies and external regulations.
Lead the development and implementation of automated user provisioning and de-provisioning processes to manage user identities and access across all systems.
Ensure that identity governance policies are in place for monitoring and controlling user entitlements and certifications.
Drive the adoption of self-service access request and management tools to enhance user efficiency and reduce administrative overhead.
Ensure that identity and access management solutions are designed with user experience in mind, balancing security and ease of use.
Lead training and awareness efforts to ensure that employees understand and comply with access management policies and best practices.
Collaborate with the security operations team to monitor and detect identity-based threats such as credential theft, account takeovers and insider threats.
Oversee the implementation of identity analytics and behavior monitoring tools to detect anomalous access patterns and potential threats in real time.
Drive incident response efforts related to identity breaches and unauthorized access, ensuring rapid containment and remediation.
Manage relationships with IAM solution providers, ensuring that third-party tools and services are aligned with University security and performance requirements.
Conduct due diligence on identity-related vendors and third-party access to minimize risks associated with external partners.
Oversee the procurement and evaluation of new IAM technologies and solutions that align with the University's strategic goals.
People Management and Cross-Functional Collaboration (25%)
Be a fully present member of the Information Security (IS) leadership team and drive the embodiment of UW-IT core values (Invested, Compassionate, Team Player).
Recruit, train, coach, motivate and manage performance of permanent and temporary staff, providing guidance on skill and career development.
Ensure that the team is equipped with the necessary tools and training to manage the evolving identity and access management landscape.
Foster a collaborative and inclusive work environment that encourages innovation and continuous improvement.
Work closely with IT teams and business units to ensure that identity and access management solutions meet their needs while adhering to security best practices.
Partner with cloud and infrastructure teams to ensure seamless integration of identity solutions with cloud services (e.g., AWS, Azure, GCP) and SaaS applications.
Engage with HR, legal and compliance teams to support identity management aspects of employee onboarding, offboarding and role changes.
Budget Management (10%)
Manage operational, capital and project budgets, including FTE, software licensing, vendor contracts and other expenditures.
Participate in and provide advice for annual budget development process and major financial planning and strategy.
Routinely monitor actual expenditures against budgets to ensure alignment with IT Services financial standards.
Position Qualifications:
Bachelor's degree in Information Security, Computer Science or a related field.
At least 6 years of progressive technology, security and professional services experience with the design, implementation and management of identity and access systems, inclusive of 5 years in a leadership or strategic role, with experience of managing, coaching and developing high performing teams of security/technology/business professionals in complex environments to meet operations, enterprise and strategic objectives.
Expertise in IAM tools and platforms such as SailPoint, Okta, Ping Identity, Microsoft Entra ID, CyberArk, Twilio, etc., or comparable systems.
Strong understanding of IAM concepts such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM) and Zero Trust.
Strong experience with Identity Lifecycle Management (provisioning, de-provisioning, JML flows), including both event-based and state-based identity architectures.
Extensive experience and background with on-premise and cloud technology, operating systems and applications, preferably including academic institutions and large healthcare systems.
Good understanding of distributed systems, APIs and automation workflows.
Familiarity with major technology vendors and their products commonly used in academic institutions and large healthcare systems.
Experience with identity governance, role-based access control (RBAC) and automated provisioning/de-provisioning processes.
Knowledge of regulatory frameworks and compliance requirements related to identity and data access such as GDPR, HIPAA and SOX.
Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Identity and Access Manager (CIAM) or Certified Information Security Manager (CISM) preferred.
Extensive experience with project and program management in technical environments with diverse stakeholder groups.
Ability to design and implement long-term strategies that align with University business objectives.
Proven ability to lead teams and drive strategic initiatives in a complex environment.
Proven ability to make administrative/procedural decisions and provide guidance and leadership to staff.
Excellent ability to communicate complex technical issues to both technical and non-technical stakeholders.
Preferred Qualifications:
Master's degree preferred
15 years of progressive technology, security and professional services experience with the design, implementation and management of identity and access systems, inclusive of 5 years in a leadership or strategic role, with experience of managing, coaching and developing high performing teams of security/technology/business professionals in complex environments to meet operations, enterprise and strategic objectives.
Working Conditions:
Hybrid, minimum 2 days a week on site.
Compensation, Benefits and Position Details
Pay Range Minimum:
$180000.00 annual
Pay Range Maximum:
$199999.92 annual
Other Compensation:
-
Benefits:
For information about benefits for this position visit
Shift (United States of America)
Temporary or Regular
This is a regular position
FTE (Full-Time Equivalent):
100.00%
Union/Bargaining Unit:
Not Applicable
About the UW
Working at the University of Washington provides a unique opportunity to change lives on our campuses, in our state and around the world.
UW employees bring their boundless energy, creative problem-solving skills and dedication to building stronger minds and a healthier world. In return, they enjoy outstanding benefits, opportunities for professional growth and the chance to work in an environment known for its diversity, intellectual excitement, artistic pursuits and natural beauty.
Our Commitment
The University of Washington is committed to fostering an inclusive, respectful and welcoming community for all. As an equal opportunity employer, the University considers applicants for employment without regard to race, color, creed, religion, national origin, citizenship, sex, pregnancy, age, marital status, sexual orientation, gender identity or expression, genetic information, disability or veteran status consistent with UW Executive Order No. 81.
To request disability accommodation in the application process contact the Disability Services Office at or .
Applicants considered for this position will be required to disclose if they are the subject of any substantiated findings or current investigations related to sexual misconduct at their current employment and past employment. Disclosure is required under Washington state law.
Required Experience:
Director