Sr. Manager, Identity & Access Management in New York City, NY

Law Firm

New York City, NY

Law Firm Non Legal Department

15-15 yrs required

No

Job Title

Senior Manager, Identity & Access Management

Job Responsibilities

The Senior Manager, Identity & Access Management (IAM) is tasked with developing and leading a comprehensive, global IAM program aimed at safeguarding access to systems, applications, and data resources. This pivotal role involves overseeing a team that is responsible for the design, implementation, and management of enterprise-wide identity governance, access provisioning, privileged access management, and authentication strategies. The role requires collaboration with IT, HR, and business stakeholders to spearhead IAM modernization efforts, ensuring secure and compliant access management practices across the law firm. Key responsibilities include:

- Developing and maintaining an enterprise IAM strategy and roadmap that aligns with business objectives and risk management priorities.
- Leading the implementation and operation of identity governance solutions, as well as access reviews and provisioning/de-provisioning processes for workforce and third-party identities.
- Overseeing the design and enforcement of role-based access controls (RBAC), least privilege principles, and segregation of duties.
- Managing the selection and oversight of IAM tools and technologies, including Active Directory, Entra, SAML/SSO, multi-factor authentication (MFA), PAM programs, and identity governance solutions.
- Integrating IAM controls with cloud platforms, SaaS applications, and hybrid IT environments.
- Partnering with application owners and IT teams to ensure consistent authentication and authorization mechanisms across platforms.
- Ensuring timely and secure onboarding and offboarding of users, including employees, contractors, and vendors.
- Developing and maintaining policies, standards, and procedures related to identity lifecycle management and access security.
- Designing, implementing, and managing law firm PKI solutions; managing digital certificate inventory and lifecycle, including issuance, renewal, and revocation; monitoring IAM systems for anomalies, unauthorized access, and policy violations.
- Collaborating with SOC, IR, and VM teams to address and resolve IAM and certificate-related issues and vulnerabilities.
- Promptly troubleshooting and resolving IAM-related issues.
- Maintaining compliance with regulatory, privacy, and audit requirements, including ISO 27001, NIST, GDPR, and client-imposed security obligations.
- Delivering reporting and dashboards to provide visibility into access patterns, risks, and compliance gaps to technical and non-technical stakeholders.
- Staying informed about industry best practices, threat landscapes, and emerging IAM technologies to continuously improve the law firm’s IAM framework, program maturity, and efficiency.
- Implementing technical controls and solutions as needed to remediate cyber risks identified in security assessments, audits, and security testing.
- Collaborating with and influencing cross-functional IT stakeholders to adopt a security mindset, abide by security policies and standards, and identify and remediate security weaknesses.
- Reporting on key information security KRI/KPI metrics and performance indicators.
- Analyzing information to proactively identify risks, trends, and opportunities for process improvements.
- Promoting a secure-by-design framework across IT development lifecycles.
- Providing leadership, direction, and mentorship to the IAM team.
- Making decisions and recommendations based on risk assessment, trend analysis, and industry best practices; communicating appropriate context to technical and non-technical stakeholders.

Education

Required

- Bachelor’s degree in information security, IT, risk management, related discipline, or equivalent experience.

Preferred

- Professional certifications such as CISSP, CISM, or similar.

Skills and Experience

- 15+ years of experience in IT or Information Security, with at least 5 years in a leadership role focused on IAM or access governance.
- Proven ability to build and lead enterprise IAM programs at scale, ideally in a hybrid or cloud environment.
- Deep understanding of identity lifecycle management, SSO, MFA, directory services (e.g., Active Directory, Azure AD), federation protocols (SAML, OAuth, OIDC), and PKI/certificate infrastructure.
- Experience implementing and managing IAM tools and platforms (e.g., SailPoint, Okta, CyberArk, Ping Identity, Microsoft Entra, BeyondTrust, etc.).
- Strong understanding of NIST identity assurance levels and digital identity guidelines.
- Familiarity with compliance frameworks and standards such as NIST CSF and ISO 27001.
- Strong background in user access review, entitlement management, and policy enforcement.
- Experience working in a global organization and collaborating across diverse business units.
- Strong leadership, project management, and vendor management skills.
- Passion for innovation, automation, and driving continuous improvement in IAM processes.
- Excellent interpersonal, leadership, presentation, and collaborative skills.
- Excellent written and verbal communication skills.
- Ability to manage multiple concurrent objectives and activities, and make effective judgments in prioritizing and time allocation.
- Must be able to execute with limited information and ambiguity.
- Must have a continuous learning mindset and a demonstrated aptitude for understanding new vulnerabilities, threats, and attack vectors.
- Must be able to build collaborative relationships and be comfortable interacting frequently with leadership and internal/external stakeholders.

Salary Information

The estimated base salary range for this position is $190,000 to $220,000 at the time of posting. The actual salary offered will depend on various factors, including the qualifications of the individual applicant, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location from which the applicant will be performing the job. This role is exempt, meaning it is not eligible for overtime pay.

Aug 11, 2025
Apr 29, 2025