Job
Description
The IAM & PAM Lead is a critical role responsible for the overall strategy, implementation, and management of the organization's combined Identity and Access Management (IAM) and Privileged Access Management (PAM) program. This role requires deep technical expertise in both IAM and PAM solutions, strong leadership skills, and a solid understanding of security best practices. The IAM & PAM Lead will ensuring secure and controlled access to all organizational resources, including privileged accounts. What you will do: Develop and maintain the organization's integrated IAM and PAM strategy, roadmap, and implementation plan, aligning it with business objectives and security best practices. This includes defining the future state of identity and access management and planning for its evolution. Oversee the selection, implementation, configuration, and ongoing management of IAM and PAM solutions, including identity governance, access management, directory services, multi-factor authentication (MFA), privileged access management, credential vaulting, session recording, and just-in-time access. Develop, implement, and enforce IAM and PAM policies, procedures, and standards to ensure consistent and secure access to all organizational resources, including privileged accounts. Manage the entire identity lifecycle, from onboarding to offboarding, for all users, including privileged users, encompassing provisioning, deprovisioning, and access certifications. Oversee the access control and governance processes for all accounts, ensuring appropriate access rights are granted, regularly reviewed, and aligned with the principle of least privilege. Implement and manage strong authentication and authorization mechanisms, including MFA, single sign-on (SSO), role-based access control (RBAC), and attribute-based access control (ABAC) for both standard and privileged users. Manage and maintain directory services (e.g., Active Directory, LDAP) to ensure accurate and up-to-date user and privileged account information. Implement and manage privileged credential vaulting and rotation. Control and monitor privileged sessions, including recording and auditing. Implement just-in-time (JIT) privileged access. Manage break-glass procedures for emergency access. Collaborate with vulnerability management teams to identify and remediate vulnerabilities related to IAM and PAM systems and processes. Participate in incident response activities related to identity and access, including investigating security incidents and implementing corrective actions. Develop and deliver training programs to educate users and administrators on IAM and PAM best practices and security policies. Ensure compliance with relevant regulations and industry standards related to identity and access, including those specific to privileged access, and support internal and external audits. Develop and maintain key performance indicators (KPIs) and metrics to track the effectiveness of the IAM and PAM program and provide regular reports to management. Foster a culture of collaboration and continuous improvement. Stay up-to-date with the latest IAM and PAM technologies, threats, and best practices, and continuously improve the organization's integrated IAM and PAM program. What We're Looking For: Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) are highly desirable. Minimum of 7-10 years of experience in Information Security, with Minimum 4+ Years in Identity and Access Management and 2+ Years on Privileged Access Management. Experience leading IAM and PAM implementations and managing combined IAM/PAM teams is essential. Technical Skills: Deep understanding of IAM and PAM concepts, technologies, and best practices. Hands-on experience with leading IAM and PAM solutions (e.g., SailPoint, CyberArk, Delinea, Thycotic). Strong knowledge of directory services (e.g., Active Directory, LDAP). Experience with MFA, SSO, federation technologies, credential vaulting, and session recording. Familiarity with scripting languages (e.g., PowerShell, Python) is a plus. Knowledge of cloud security best practices related to IAM and PAM. Soft Skills: Excellent leadership, communication, and interpersonal skills. Strong analytical and problem-solving skills. Ability to work effectively in a team environment. Ability to communicate technical concepts to non-technical audiences. Strong organizational and time management skills.
