Overview
Skills
Job Details
Summary:
The IAM Operations & Support Leader owns the reliability, security, and compliance of enterprise identity services across on-prem and cloud environments. This role leads 24x7 service delivery for identity governance and administration and privileged access, ensuring resilient operations, excellent user experience, and audit-ready controls. The leader manages a multidisciplinary team and vendor partners, drives automation and continuous improvement, and aligns service outcomes to business, SOX, and NERC-CIP requirements.
Must Haves:
1. Apache Tomcat
2. IAM- know different facets of IAM
3. Windows
4. PAM
5. Support background
Nice to Haves:
1. Lead experience
2. SailPoint
3. CyberArk
Essential Duties and Responsibilities:
Service Ownership and Strategy
1.1 Define the IAM operations strategy, service catalog, SLAs/SLOs/SLIs, and operational roadmaps aligned to business risk and compliance goals.
1.2 Establish SRE-aligned practices for availability, performance, capacity, and resilience, including error budgets and reliability targets.
1.3 Maintain the end-to-end service architecture and dependency maps for identity, SSO/MFA, PAM, and provisioning services.
Operations and Service Delivery
2.1 Lead day-to-day operations for AD/Azure AD, SailPoint ISC, SSO/MFA, PAM, Linux/macos directory integrations, and identity data pipelines.
2.2 Build and manage a tiered L1/L2/L3 support model, on-call rotations, runbooks, KB articles, and self-service tooling.
2.3 Drive monitoring/alerting, event correlation, and proactive problem detection using SIEM/observability platforms.
Incident, Problem, and Change Management (ITIL)
3.1 Serve as Major Incident Commander for IAM incidents; reduce MTTR via automation, diagnostics, and clear escalation paths.
3.2 Run formal problem management, RCAs, post-incident reviews, and corrective action tracking.
3.3 Govern changes through CAB/ECAB, maintenance windows, and release calendars; optimize change success rate.
Platform Administration and Reliability Engineering
4.1 Ensure healthy operations of SailPoint Identity Security Cloud (connectors, provisioning jobs, access certifications), Azure AD/AD (sync, domain controllers, GPOs), and One Identity Safeguard (PAM vaults, session mgmt, Sudo, SAS for Linux/macOS).
4.2 Oversee upgrades, patching, capacity planning, HA/DR, backups, and configuration baselines; validate failover and recovery procedures.
4.3 Manage API usage, throttling, and integration resiliency with HRIS, ITSM, SIEM/SOAR, and application endpoints.
Identity Lifecycle and Provisioning
5.1 Operate joiner mover leaver processes sourced from SAP SuccessFactors/Fieldglass, including role/birthright access and approvals.
5.2 Ensure accurate, timely provisioning/deprovisioning to directories, SaaS, and on-prem apps; remediate orphaned accounts and access drift.
5.3 Govern AD group and entitlement hygiene, bulk UID creation and mapping, and automated GID/role assignments at scale.
Privileged Access Management (PAM) and Unix/macOS Controls
6.1 Enforce vaulting, rotation, session recording, and JIT elevation via One Identity Safeguard; expand coverage and remove standing privilege.
6.2 Standardize and audit sudoers policies and Safeguard Authentication Services across Linux/macOS fleets; centralize policy distribution and logs.
6.3 Integrate PAM telemetry with SIEM; drive least privilege and break-glass controls with continuous testing.
Security, Risk, and Compliance
7.1 Maintain controls for SOX, NERC-CIP, NIST 800-53/63, and IAM best practices; keep services audit-ready with evidence automation.
7.2 Support access certifications, entitlement reviews, SoD/toxic combination policies, and quarterly control attestations.
7.3 Partner with security and audit teams on risk assessments, control testing, and remediation tracking.
Automation and Continuous Improvement
8.1 Implement policy-as-code and configuration-as-code for IAM platforms; leverage CI/CD for safe, repeatable changes.
8.2 Automate monitoring, provisioning workflows, connector health checks, and evidence collection via APIs, PowerShell/Python, and orchestration tools.
8.3 Lead guided automated deployments, UAT frameworks, regression testing, and performance baselining.
Stakeholder Engagement and Communications
9.1 Publish service health dashboards, KPI reports (availability, MTTR, SLA attainment, certification completion), and executive briefings.
9.2 Coordinate with Security, HR, IT Ops, and application owners on priorities, readiness, and release plans.
9.3 Manage service intake and expectations; escalate risks and trade-offs clearly with recommended actions.
Business Continuity and Resilience
10.1 Maintain DR/MCBP plans, recovery runbooks, and cyber recovery posture for identity services.
10.2 Conduct exercises (tabletops, failovers, chaos drills) and close gaps proactively.
10.3 Ensure privileged recovery capabilities and offline procedures are tested and documented.
Required Skills and Experience:
Education: Bachelor s in Computer Science, Information Systems, Cybersecurity, or related field; equivalent experience considered.
Experience: 8+ years in IAM with 3+ years leading operations/support teams in large, regulated enterprises.
Platforms: SailPoint Identity Security Cloud (or IdentityNow/IIQ), Azure AD/Active Directory, One Identity Safeguard (PAM, Safeguard for Sudo, Safeguard Authentication Services), SSO/MFA; LDAP/Kerberos, SAML/OIDC/OAuth2, SCIM, PKI.
HRIS Integrations: Operating identity lifecycle fed by SAP SuccessFactors and SAP Fieldglass.
Systems: Enterprise Windows, Linux, and macOS identity integration at scale.
ITIL/SRE: Major incident leadership, problem/change management, SLAs/SLOs, observability, capacity and performance management.
Automation: Strong scripting (PowerShell, Python), API orchestration, configuration-as-code, and CI/CD practices.
Compliance: Demonstrated success maintaining SOX and NERC-CIP controls and passing audits.
Communication: Clear executive and technical communication, concise incident updates, and stakeholder management.
Preferred Qualifications:
Certifications: CISSP, CISM, ITIL v4, Microsoft Entra/Azure Administrator, SailPoint, One Identity Safeguard; SAFe certifications a plus.
Cloud: AWS/Azure/Google Cloud Platform IAM fundamentals, secrets management, conditional access, and identity threat detection.
Tooling: Experience with SIEM/SOAR, Splunk/Elastic, PrometheGrafana/Datadog, ServiceNow ITSM/CMDB.
Delivery: Experience running UAT/regression suites for IAM changes; familiarity with PI Planning and Agile release trains.
Core Competencies and Attributes:
Security-first and reliability-obsessed mindset with strong customer empathy.
Ownership and bias for action; calm, decisive incident leadership.
Strategic and operational balance; data-driven and metrics-focused.
Collaborative, diplomatic, and effective at influencing across teams and vendors.
Participation in on-call rotation and off-hours maintenance windows as needed; occasional travel for team, vendor, or audit engagements.
Key Success Metrics:
Service availability/SLO attainment, MTTR and incident volume trend, change success rate, provisioning SLA compliance, certification completion on time, privileged account coverage and policy adherence, audit findings reduced/cleared, automation coverage and toil reduction.