Senior Manager, Identity and Access Management; IAM Architecture

Job Summary

The Senior Manager, Identity and Access Management (IAM) Architecture is the enterprise leader responsible for designing, guiding, and helping implement a secure, resilient, and scalable identity infrastructure within a Microsoft-centric environment. This role owns architectural direction across Microsoft Entra , on-premises Active Directory, Privileged Access Management (PAM), SSO, MFA, identity governance, and modern authentication services.

As a hybrid leadership and technical execution position, this role will both direct the work of IAM engineers/architects and roll up their sleeves to execute hands-on engineering and design tasks when needed. The Senior Manager plays a critical part in advancing Zero Trust identity principles, securing privileged access, and modernizing identity services across the enterprise.

• Lead the development and evolution of IAM architecture across Microsoft Entra , on-premises AD, hybrid identity, and associated platforms.
• Define and maintain IAM architectural standards, reference architectures, and roadmaps aligned with Zero Trust and enterprise security goals.
• Provide deep technical expertise in identity protocols, directory design, federation, conditional access, and authentication modernization.
• Partner with Enterprise Architecture to align identity services with overall technology strategy.
• Hands-On Technical Execution
• Architect and implement identity modernization solutions including SSO, MFA, passwordless, Conditional Access, Identity Governance, and lifecycle automation.
• Lead or support engineering implementation of identity integrations with SaaS, custom apps, and third-party systems.
• Perform hands-on configuration, troubleshooting, and optimization of identity services where needed.
• Oversee and contribute to AD hardening, identity baselining, and Tier-0 security enforcement.

• Architect and lead implementation of Privileged Access Management programs, including Entra PIM and on-prem PAM tools (Cyber Ark, Beyond Trust, etc.).
• Drive segmentation and protection of Tier-0 assets, domain controllers, and identity infrastructure.
• Ensure strong monitoring, logging, and detection capabilities around identity threats and privileged access.

• Lead and mentor IAM architects and engineers, providing guidance, oversight, and technical direction.
• Collaborate closely with security, cloud, infrastructure, and application teams to ensure aligned identity practices.
• Drive project execution, ensuring architectural quality, security, and operational readiness.
• Serve as the escalation point for complex identity issues.

• Ensure IAM architecture aligns with risk, compliance, and audit requirements (for example—SOX, PCI-DSS, CIS).
• Establish and enforce identity lifecycle governance, access review processes, and identity data quality standards.
• Stay current on emerging technologies, industry trends, and Microsoft identity advancements.

It is the policy of Papa John’s to provide equal employment opportunities for all applicants and team members without regard to race, color, religion, sex, age, marital status or civil partnership, national or ethnic origin, pregnancy or maternity, veteran status, uniformed service (as defined by 10 U.S.C. §101 (a)(5)), protected disability status, genetic information, sexual orientation, gender identity, gender reassignment, or gender expression, or any other characteristic protected by statute or law.