Job Details
We are seeking a Lead IAM Operations & Support professional to oversee the reliability, security, and compliance of enterprise identity services across on-prem and cloud environments. This position is responsible for 24x7 service delivery of identity governance, administration, and privileged access management (PAM) systems within a regulated utility environment.
The IAM Operations Leader will direct a multidisciplinary team and vendor partners, driving operational excellence, automation, and continuous improvement to meet business, SOX, and NERC-CIP compliance requirements.
Key Responsibilities
Service Ownership & Strategy
- Define IAM operations strategy, service catalog, SLAs, and operational roadmaps.
- Establish SRE-aligned practices for availability, performance, and resilience.
- Maintain service architecture and dependency maps for identity, SSO/MFA, PAM, and provisioning services.
Operations & Delivery
- Lead day-to-day operations across SailPoint Identity Security Cloud, AD/Azure AD, One Identity Safeguard, and SSO/MFA platforms.
- Build and manage tiered support (L1-L3), runbooks, and self-service tools.
- Drive monitoring, alerting, and proactive issue detection.
Incident & Change Management (ITIL)
- Serve as Major Incident Commander for IAM-related incidents.
- Lead root cause analysis (RCA), corrective actions, and change management governance.
Platform Administration & Reliability Engineering
- Ensure healthy operations and lifecycle management for SailPoint, One Identity Safeguard, and Azure AD/AD.
- Manage patching, upgrades, HA/DR, configuration baselines, and recovery testing.
Identity Lifecycle & Provisioning
- Operate joiner-mover-leaver processes integrated with SAP SuccessFactors and Fieldglass.
- Govern account hygiene and automate provisioning/deprovisioning at scale.
Privileged Access Management (PAM)
- Manage vaulting, rotation, session recording, and just-in-time (JIT) elevation via One Identity Safeguard.
- Audit and enforce least privilege across Linux/macOS using Safeguard Authentication Services.
Security, Risk & Compliance
- Maintain and document SOX, NERC-CIP, and NIST 800-53/63 controls.
- Support periodic access certifications, entitlement reviews, and risk assessments.
Automation & Continuous Improvement
- Implement policy-as-code and configuration-as-code for IAM platforms.
- Automate workflows, health checks, and evidence collection with PowerShell, Python, and APIs.
Stakeholder Engagement
- Publish service health dashboards and KPI reports.
- Collaborate across Security, HR, and IT Ops to align IAM priorities with business needs.
Qualifications
Required:
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field (or equivalent experience).
- 8+ years of experience in IAM, with 3+ years leading operations/support teams in large, regulated enterprises.
- Hands-on experience with SailPoint, Azure AD/Active Directory, One Identity Safeguard (PAM, Safeguard for Sudo, SAS), and SSO/MFA solutions.
- Strong scripting and automation skills (PowerShell, Python).
- Proven experience managing SOX and NERC-CIP compliance.
- Demonstrated leadership in major incident response, change management, and service reliability.
Preferred:
- Certifications: CISSP, CISM, ITIL v4, Microsoft Entra/Azure Administrator, SailPoint, One Identity.
- Familiarity with AWS/Azure/Google Cloud Platform IAM, secrets management, and conditional access.
- Experience with SIEM/SOAR, ServiceNow ITSM/CMDB, and observability platforms (Splunk, Grafana, Datadog).