Manager - Identity Access Management (IAM)

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.

Job Description: Digital Identity IAM Manager (AM, PAM & IGA)

Position Overview

We are seeking a skilled and motivated IAM Engineering Manager to join our Digital Identity team. This role focuses on designing, implementing, and enhancing Identity and Access Management solutions across Access Management (AM), Privileged Access Management (PAM), and Identity Governance & Administration (IGA) platforms.

The ideal candidate will possess strong technical expertise in IAM technologies, automation skills, and experience integrating identity solutions across enterprise environments (cloud and on-premises).

Key Responsibilities

Access Management (AM)

• Design and implement Single Sign-On (SSO), Multi-Factor Authentication (MFA), and federation solutions using SAML, OAuth 2.0, OIDC, and WS-Fed protocols.

• Integrate enterprise and third-party applications with IAM platforms such as Microsoft Entra ID, Okta, or Ping Identity.

• Configure Conditional Access policies and authentication flows based on security best practices.

• Troubleshoot authentication, federation, and token-related issues.

• Configure custom user journeys and custom policies (Trust Framework) for sign-up, sign-in, password reset, and profile management.

• Design and implement Customer Identity and Access Management (CIAM) solutions using Microsoft Entra ID B2C (Entra External ID) or equivalent CIAM platforms.

Privileged Access Management (PAM)

• Implement and manage privileged access solutions such as CyberArk, BeyondTrust, or Delinea. • Configure vaulting, session management, privileged account onboarding, and password rotation policies.

• Develop automation for privileged account lifecycle management and access approvals. • Implement least privilege and Zero Trust principles for administrative access.

Identity Governance & Administration (IGA)

• Deploy and manage IGA platforms such as SailPoint, Saviynt, or Microsoft Entra ID Governance. • Design and maintain access request workflows, approval processes, and certification campaigns. • Implement automated Joiner-Mover-Leaver (JML) processes. • Perform access reviews, entitlement analysis, and SoD (Segregation of Duties) monitoring.

Automation & Integration

• Develop scripts using PowerShell, Python, or REST APIs to automate IAM processes and integrations. • Integrate IAM solutions with HR systems, ITSM tools, and enterprise applications. • Build connectors and workflows for automated provisioning/de-provisioning. • Support CI/CD pipelines for IAM configuration deployment. • Implement Zero Trust architecture principles and identity-first security models. • Conduct architecture reviews and recommend improvements aligned with industry best practices. • Conduct periodic risk assessments related to identity and privileged access. • Support audit activities and provide documentation for compliance requirements.

• Develop and execute test cases for IAM workflows, integrations, and policy configurations. • Validate access controls and authentication flows to ensure secure deployment. • Conduct penetration testing support and remediation for identity-related vulnerabilities.

Leadership & Team Management

• Lead, mentor, and manage a team of IAM engineers and analysts. • Define team goals, KPIs, and performance objectives aligned with security strategy. • Conduct performance reviews, coaching sessions, and skill development planning. • Manage resource allocation, capacity planning, and project prioritization. • Drive a culture of automation, innovation, and continuous improvement.

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience). • 12+ years of hands-on experience in IAM (AM, PAM, IGA). • Strong understanding of authentication protocols (OAuth 2.0, OIDC, SAML, LDAP, Kerberos). • Experience with directory services (Active Directory, Azure AD/Entra ID). • Proficiency in scripting/automation (PowerShell, XML, Python). • Experience integrating enterprise applications with IAM platforms. • Strong troubleshooting and analytical skills. • Excellent communication and documentation abilities.

Preferred Qualifications

• Vendor-specific certifications (CyberArk, SailPoint, Entra ID). • Familiarity with Zero Trust architecture frameworks. • Experience working in MSSP or large enterprise environments.

At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html.  

RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation.  

Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at [email protected].