Senior Manager, Identity and Access Management; IAM Architecture

Job Summary

The Senior Manager, Identity and Access Management (IAM) Architecture is the enterprise leader responsible for designing, guiding, and helping implement a secure, resilient, and scalable identity infrastructure within a Microsoft-centric environment. This role owns architectural direction across Microsoft Entra , on-premises Active Directory, Privileged Access Management (PAM), SSO, MFA, identity governance, and modern authentication services.

As a hybrid leadership and technical execution position, this role will both direct the work of IAM engineers/architects and roll up their sleeves to execute hands‑on engineering and design tasks when needed. The Senior Manager plays a critical part in advancing Zero Trust identity principles, securing privileged access, and modernizing identity services across the enterprise.

• Lead the development and evolution of IAM architecture across Microsoft Entra , on-premises AD, hybrid identity, and associated platforms.
• Define and maintain IAM architectural standards, reference architectures, and roadmaps aligned with Zero Trust and enterprise security goals.
• Provide deep technical expertise in identity protocols, directory design, federation, conditional access, and authentication modernization.
• Partner with Enterprise Architecture to align identity services with overall technology strategy.

• Architect and implement identity modernization solutions including SSO, MFA, passwordless, Conditional Access, Identity Governance, and lifecycle automation.
• Lead or support engineering implementation of identity integrations with SaaS, custom apps, and third-party systems.
• Perform hands‑on configuration, troubleshooting, and optimization of identity services where needed.
• Oversee and contribute to AD hardening, identity baselining, and Tier-0 security enforcement.

• Architect and lead implementation of Privileged Access Management programs, including Entra PIM and on-prem PAM tools (Cyber Ark, Beyond Trust, etc.).
• Drive segmentation and protection of Tier-0 assets, domain controllers, and identity infrastructure.
• Ensure strong monitoring, logging, and detection capabilities around identity threats and privileged access.

• Lead and mentor IAM architects and engineers, providing guidance, oversight, and technical direction.
• Collaborate closely with security, cloud, infrastructure, and application teams to ensure aligned identity practices.
• Drive project execution, ensuring architectural quality, security, and operational readiness.
• Serve as the escalation point for complex identity issues.

• Ensure IAM architecture aligns with risk, compliance, and audit requirements (for example—SOX, PCI-DSS, CIS).
• Establish and enforce identity lifecycle governance, access review processes, and identity data quality standards.
• Stay current on emerging technologies, industry trends, and Microsoft identity advancements.