Senior Manager, Identity and Access Management (IAM) Architecture

Job Summary

The Senior Manager, Identity and Access Management (IAM) Architecture is the enterprise leader responsible for designing, guiding, and helping implement a secure, resilient, and scalable identity infrastructure within a Microsoft-centric environment. This role owns architectural direction across Microsoft Entra ID, on-premises Active Directory, Privileged Access Management (PAM), SSO, MFA, identity governance, and modern authentication services.

As a hybrid leadership and technical execution position, this role will both direct the work of IAM engineers/architects and roll up their sleeves to execute hands-on engineering and design tasks when needed. The Senior Manager plays a critical part in advancing Zero Trust identity principles, securing privileged access, and modernizing identity services across the enterprise.

Duties and Responsibilities (other duties as assigned)

Identity Architecture Leadership

• Lead the development and evolution of IAM architecture across Microsoft Entra ID, on-premises AD, hybrid identity, and associated platforms.

• Define and maintain IAM architectural standards, reference architectures, and roadmaps aligned with Zero Trust and enterprise security goals.

• Provide deep technical expertise in identity protocols, directory design, federation, conditional access, and authentication modernization.

• Partner with Enterprise Architecture to align identity services with overall technology strategy.

• Hands-On Technical Execution

• Architect and implement identity modernization solutions including SSO, MFA, passwordless, Conditional Access, Identity Governance, and lifecycle automation.

• Lead or support engineering implementation of identity integrations with SaaS, custom apps, and third-party systems.

• Perform hands-on configuration, troubleshooting, and optimization of identity services where needed.

• Oversee and contribute to AD hardening, identity baselining, and Tier-0 security enforcement.

Privileged Access & Zero Trust Identity Controls

• Architect and lead implementation of Privileged Access Management programs, including Entra PIM and on-prem PAM tools (CyberArk, BeyondTrust, etc.).

• Drive segmentation and protection of Tier-0 assets, domain controllers, and identity infrastructure.

• Ensure strong monitoring, logging, and detection capabilities around identity threats and privileged access.

Team & Cross-Functional Leadership

• Lead and mentor IAM architects and engineers, providing guidance, oversight, and technical direction.

• Collaborate closely with security, cloud, infrastructure, and application teams to ensure aligned identity practices.

• Drive project execution, ensuring architectural quality, security, and operational readiness.

• Serve as the escalation point for complex identity issues.

• Governance, Risk, & Compliance

• Ensure IAM architecture aligns with risk, compliance, and audit requirements (for example—SOX, PCI-DSS, CIS).

• Establish and enforce identity lifecycle governance, access review processes, and identity data quality standards.

• Stay current on emerging technologies, industry trends, and Microsoft identity advancements.