About the Role:

The Team:

Own and run end-to-end IAM operations to deliver reliable secure and scalable identity services across workforce and non-human identities. This roleleadsglobal IAM service delivery third-party SI partners automation and self-service and the responsible adoption of AI agents to reduce manual work improve control quality and increase operational resilience.

Responsibilities and Impact:

IAM service ownership and operational excellence

• Own day-to-day IAM operations across identity lifecycle (joiner-mover-leaver) access requests SSO MFA federation directory integrations and accessfulfillmentworkflows.

• Run ITSM-aligned operations: incident problem change request and knowledge management with clear escalation paths and on-call readiness.

• Establish and report SLAs/SLOs and operational KPIs including availability MTTR ticket throughput backlog health and quality metrics (mis-provisioning rework escalations).

• Own operational communications: status updates planned maintenance notices user-impact messaging and post-incident reviews with measurable corrective actions.

Platform operations and integration reliability

• Oversee operational stability and administration for IAM platforms and dependencies (examples: SSO/MFA platforms directories IGA administration ITSM workflows HR source-of-truth APIs/connectors).

• Partner with architecture and engineering teams to improve reliability resilience and deployment outcomes (release readiness change controls rollback strategies).

• Lead audit and compliance execution for access controls: evidence collection recertification operational execution control testing support remediation tracking and sustained audit readiness.

Third-party SI partner and managed service leadership

• Lead performance of Systems Integrators and managed service providers supporting IAM operations and delivery (L2/L3 integrations platform administration upgrades migrations).Defin

• e scopes deliverables RACI runbooks and acceptance criteria for SI-delivered work and operational run support.

• Own partner governance: QBRs KPI scorecards SLA adherence staffing plans coverage model (onshore/offshore) escalations and continuous improvement commitments.

• Ensure external partnerscomply withsecurity standards: least privilege separation of duties change control secure credential handling logging and break-glass procedures.

Automation-first operations and elimination of manual tickets

• Establish an automation-first operating model targeting removal of repetitive manual tasks and reduction of ticket volume across IAM workflows.

• Build and manage an automation backlog with measurable outcomes (ticket deflection cycle-time reduction increased straight-through processing).

• Drive workflow orchestration across ITSM IGA directories and SSO using APIs event-driven triggers and reusable templates.

• Expand end-user self-service capabilities (requestcatalog automated approvals MFA recovery flowsidentityand access status checks) to reduce Service Desk dependency.

• Implement a continuous improvement loop:analyzetop ticket drivers remove root causes standardize processes improve knowledge and automate recurring issues.

AI agents and intelligent IAM operations

Introduce AI-assisted operations to improve productivity and service quality such as:

• Automated ticket triage classification routing and duplicate detection.

• Chat-based self-service to resolve common IAM issues and guide access requests.

• Automated audit evidence gathering and packaging.

• Assistedincident timelines RCA drafting and knowledge article creation.

• Implement governance for AI agents: role-based constraints approval workflows for high-risk actions auditable action logs deterministic fallbacks and secure access to secrets/tools.

Operational risk management and control quality

• Own operational risk posture for IAM services including access outages mis-provisioning privileged drift toxic combinations non-human identity sprawl and break-glass integrity.

• Ensure strong monitoring alerting and telemetry for IAM services and integrations and partner with SecOps where needed (SIEM logging anomaly detection).

• Drive reduction in repeat incidents through disciplined root cause analysis prevention and engineering partnership.

Leadership and team management

• Lead and develop a global IAM operations organization with clear operating rhythms training coaching performance management and succession planning.

• Define tiered support model (L1/L2/L3) standardize run books and mature the service delivery operating model across regions and time zones.

• Build strong partnerships across Security Infrastructure HR application owners and enterprise service management teams.

WhatWereLookingFor:

Basic Required Qualifications:

• 12 years of experience in IAM security operations or identity platform operations with 5 years leading teams and service delivery.

• Bachelors degree in information security Computer Science Information Systems or equivalent experience.

• Proven experience operating IAM services at enterprise scale (large user populations many applications multi-region environments).

• Strong IAM domain knowledge: authentication authorization SSO MFA federation (SAML/OIDC) lifecycle management RBAC/ABAC concepts and access governance fundamentals.

• Strong ITSM and operational management experience: incident/problem/change/request SLAs/SLOs metrics and service health reporting.

• Demonstrated ability to manage third-party SI partners and/or managed services with measurable outcomes (scorecards SLAs escalations coverage models).

• Track recorddelivering automation and self-service using workflows APIs and orchestration with tangible reductions in manual effort and ticket volume.

• Experience supporting audits and compliance requirements related to access controls (SOX SOC 2 ISO 27001 PCI or similar) including evidence production and remediation.

• Excellent stakeholder management and communication skills including leading major incidents and delivering executive-level updates.

Leadership andbehavioralcompetencies

• High ownership and operational rigor with a strong bias for action and measurable outcomes.

• Structured problem solving and disciplined root cause analysis with prevention mindset.

• Clear communicator under pressure with strong executive presence.

• Ability to balance reliability security and user experience while driving standardization.

• Talent builder who creates leaders and scales operating models globally.

• Strong prioritization and roadmap discipline across run improve and transform workstreams.

Additional Preferred Qualifications:

• Experience with leading IAM platforms (Okta Entra ID AD SailPoint CyberArk Duo etc.).

• Experience implementing privileged access operational controls including emergency access time-bound access and privileged session support coordination.

• Experienceoperatingin complex environments (multiple directories/tenants M&A integrations directory consolidation app migrations).

• Familiarity with Zero Trust principles and identity-centric security patterns.

• Experience applying AI agents or AI-assisted support in IT or security operations with strong governance and auditability.

• Exposure to cloud identity patterns (AWS Azure GCP) and CI/CD access models.

• Preferred: ITIL CISSP CISM or other relevant certifications.