Director, Head of IAM Operations
S&P Global, Dallas, TX, United States
About the Role
Grade Level (for internal use):
13
About the Role:
Own and run end-to-end IAM operations to deliver reliable, secure, and scalable identity services across workforce and non-human identities. This role leads global IAM service delivery, third-party SI partners, automation and self-service, and the responsible adoption of AI agents to reduce manual work, improve control quality, and increase operational resilience.
Responsibilities and Impact IAM service ownership and operational excellence
Own day‑to‑day IAM operations across identity lifecycle (joiner‑mover‑leaver), access requests, SSO, MFA, federation, directory integrations, and access‑fulfillment workflows.
Run ITSM‑aligned operations: incident, problem, change, request, and knowledge management with clear escalation paths and on‑call readiness.
Establish and report SLAs/SLOs and operational KPIs, including availability, MTTR, ticket throughput, backlog health, and quality metrics (mis‑provisioning, rework, escalations).
Own operational communications: status updates, planned maintenance notices, user‑impact messaging, and post‑incident reviews with measurable corrective actions.
Platform operations and integration reliability
Oversee operational stability and administration for IAM platforms and dependencies (examples: SSO/MFA platforms, directories, IGA administration, ITSM workflows, HR source‑of‑truth, APIs/connectors).
Partner with architecture and engineering teams to improve reliability, resilience, and deployment outcomes (release readiness, change controls, rollback strategies).
Lead audit and compliance execution for access controls: evidence collection, recertification operational execution, control testing support, remediation tracking, and sustained audit readiness.
Third‑party SI partner and managed service leadership
Lead performance of Systems Integrators and managed service providers supporting IAM operations and delivery (L2/L3, integrations, platform administration, upgrades, migrations).
Define scopes, deliverables, RACI, runbooks, and acceptance criteria for SI‑delivered work and operational run support.
Own partner governance: QBRs, KPI scorecards, SLA adherence, staffing plans, coverage model (onshore/offshore), escalations, and continuous improvement commitments.
Ensure external partners comply with security standards: least privilege, separation of duties, change control, secure credential handling, logging, and break‑glass procedures.
Automation‑first operations and elimination of manual tickets
Establish an automation‑first operating model targeting removal of repetitive manual tasks and reduction of ticket volume across IAM workflows.
Build and manage an automation backlog with measurable outcomes (ticket deflection, cycle‑time reduction, increased straight‑through processing).
Drive workflow orchestration across ITSM, IGA, directories, and SSO using APIs, event‑driven triggers, and reusable templates.
Expand end‑user self‑service capabilities (request catalog, automated approvals, MFA recovery flows, identity and access status checks) to reduce Service Desk dependency.
Implement a continuous improvement loop: analyze top ticket drivers, remove root causes, standardize processes, improve knowledge, and automate recurring issues.
AI agents and intelligent IAM operations
Introduce AI‑assisted operations to improve productivity and service quality, such as automated ticket triage, classification, routing, and duplicate detection.
Chat‑based self‑service to resolve common IAM issues and guide access requests.
Automated audit evidence gathering and packaging.
Assisted incident timelines, RCA drafting, and knowledge article creation.
Implement governance for AI agents: role‑based constraints, approval workflows for high‑risk actions, auditable action logs, deterministic fallbacks, and secure access to secrets/tools.
Operational risk management and control quality
Own operational risk posture for IAM services including access outages, mis‑provisioning, privileged drift, toxic combinations, non‑human identity sprawl, and break‑glass integrity.
Ensure strong monitoring, alerting, and telemetry for IAM services and integrations, and partner with SecOps where needed (SIEM, logging, anomaly detection).
Drive reduction in repeat incidents through disciplined root cause analysis, prevention, and engineering partnership.
Leadership and team management
Lead and develop a global IAM operations organization with clear operating rhythms, training, coaching, performance management, and succession planning.
Define tiered support model (L1/L2/L3), standardize run books, and mature the service delivery operating model across regions and time zones.
Build strong partnerships across Security, Infrastructure, HR, application owners, and enterprise service management teams.
What We’re Looking For Basic Required Qualifications
12+ years of experience in IAM, security operations, or identity platform operations, with 5+ years leading teams and service delivery.
Bachelor’s degree in information security, Computer Science, Information Systems, or equivalent experience.
Proven experience operating IAM services at enterprise scale (large user populations, many applications, multi‑region environments).
Strong IAM domain knowledge: authentication, authorization, SSO, MFA, federation (SAML/OIDC), lifecycle management, RBAC/ABAC concepts, and access governance fundamentals.
Strong ITSM and operational management experience: incident/problem/change/request, SLAs/SLOs, metrics, and service health reporting.
Demonstrated ability to manage third‑party SI partners and/or managed services with measurable outcomes (scorecards, SLAs, escalations, coverage models).
Track record delivering automation and self‑service using workflows, APIs, and orchestration with tangible reductions in manual effort and ticket volume.
Experience supporting audits and compliance requirements related to access controls (SOX, SOC 2, ISO 27001, PCI, or similar), including evidence production and remediation.
Excellent stakeholder management and communication skills, including leading major incidents and delivering executive‑level updates.
Leadership and Behavioral Competencies
High ownership and operational rigor with a strong bias for action and measurable outcomes.
Structured problem solving and disciplined root cause analysis with prevention mindset.
Clear communicator under pressure with strong executive presence.
Ability to balance reliability, security, and user experience while driving standardization.
Talent builder who creates leaders and scales operating models globally.
Strong prioritization and roadmap discipline across run, improve, and transform workstreams.
Additional Preferred Qualifications
Experience with leading IAM platforms (Okta, Entra ID, AD, SailPoint, CyberArk, Duo, etc.).
Experience implementing privileged access operational controls, including emergency access, time‑bound access, and privileged session support coordination.
Experience operating in complex environments (multiple directories/tenants, M&A integrations, directory consolidation, app migrations).
Familiarity with Zero Trust principles and identity‑centric security patterns.
Experience applying AI agents or AI‑assisted support in IT or security operations with strong governance and auditability.
Exposure to cloud identity patterns (AWS, Azure, GCP) and CI/CD access models.
Preferred: ITIL, CISSP, CISM, or other relevant certifications.
Compensation / Benefits Information S&P Global states that the anticipated base salary range for this position is $192,000 to $215,000. Final base salary will be based on the individual’s geographic location, as well as experience level, skill set, training, licenses and certifications.
In addition to base compensation, this role is eligible for an annual incentive plan. This role is not eligible for additional compensation such as an annual incentive bonus or sales commission plan.
This role is eligible to receive additional S&P Global benefits. For more information on the benefits we provide to our employees, please click here (https://spgbenefits.com/benefit-summaries/us).
Health & Wellness: Health care coverage designed for the mind and body.
Flexible Downtime: Generous time off helps keep you energized for your time on.
Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company‑matched student loan contribution, and financial wellness programs.
Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best‑in‑class benefits for families.
Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.
Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.
If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.
Job ID: 325148
Posted On: 2026-04-13
Location: Princeton, New Jersey, United States
#J-18808-Ljbffr
13
About the Role:
Own and run end-to-end IAM operations to deliver reliable, secure, and scalable identity services across workforce and non-human identities. This role leads global IAM service delivery, third-party SI partners, automation and self-service, and the responsible adoption of AI agents to reduce manual work, improve control quality, and increase operational resilience.
Responsibilities and Impact IAM service ownership and operational excellence
Own day‑to‑day IAM operations across identity lifecycle (joiner‑mover‑leaver), access requests, SSO, MFA, federation, directory integrations, and access‑fulfillment workflows.
Run ITSM‑aligned operations: incident, problem, change, request, and knowledge management with clear escalation paths and on‑call readiness.
Establish and report SLAs/SLOs and operational KPIs, including availability, MTTR, ticket throughput, backlog health, and quality metrics (mis‑provisioning, rework, escalations).
Own operational communications: status updates, planned maintenance notices, user‑impact messaging, and post‑incident reviews with measurable corrective actions.
Platform operations and integration reliability
Oversee operational stability and administration for IAM platforms and dependencies (examples: SSO/MFA platforms, directories, IGA administration, ITSM workflows, HR source‑of‑truth, APIs/connectors).
Partner with architecture and engineering teams to improve reliability, resilience, and deployment outcomes (release readiness, change controls, rollback strategies).
Lead audit and compliance execution for access controls: evidence collection, recertification operational execution, control testing support, remediation tracking, and sustained audit readiness.
Third‑party SI partner and managed service leadership
Lead performance of Systems Integrators and managed service providers supporting IAM operations and delivery (L2/L3, integrations, platform administration, upgrades, migrations).
Define scopes, deliverables, RACI, runbooks, and acceptance criteria for SI‑delivered work and operational run support.
Own partner governance: QBRs, KPI scorecards, SLA adherence, staffing plans, coverage model (onshore/offshore), escalations, and continuous improvement commitments.
Ensure external partners comply with security standards: least privilege, separation of duties, change control, secure credential handling, logging, and break‑glass procedures.
Automation‑first operations and elimination of manual tickets
Establish an automation‑first operating model targeting removal of repetitive manual tasks and reduction of ticket volume across IAM workflows.
Build and manage an automation backlog with measurable outcomes (ticket deflection, cycle‑time reduction, increased straight‑through processing).
Drive workflow orchestration across ITSM, IGA, directories, and SSO using APIs, event‑driven triggers, and reusable templates.
Expand end‑user self‑service capabilities (request catalog, automated approvals, MFA recovery flows, identity and access status checks) to reduce Service Desk dependency.
Implement a continuous improvement loop: analyze top ticket drivers, remove root causes, standardize processes, improve knowledge, and automate recurring issues.
AI agents and intelligent IAM operations
Introduce AI‑assisted operations to improve productivity and service quality, such as automated ticket triage, classification, routing, and duplicate detection.
Chat‑based self‑service to resolve common IAM issues and guide access requests.
Automated audit evidence gathering and packaging.
Assisted incident timelines, RCA drafting, and knowledge article creation.
Implement governance for AI agents: role‑based constraints, approval workflows for high‑risk actions, auditable action logs, deterministic fallbacks, and secure access to secrets/tools.
Operational risk management and control quality
Own operational risk posture for IAM services including access outages, mis‑provisioning, privileged drift, toxic combinations, non‑human identity sprawl, and break‑glass integrity.
Ensure strong monitoring, alerting, and telemetry for IAM services and integrations, and partner with SecOps where needed (SIEM, logging, anomaly detection).
Drive reduction in repeat incidents through disciplined root cause analysis, prevention, and engineering partnership.
Leadership and team management
Lead and develop a global IAM operations organization with clear operating rhythms, training, coaching, performance management, and succession planning.
Define tiered support model (L1/L2/L3), standardize run books, and mature the service delivery operating model across regions and time zones.
Build strong partnerships across Security, Infrastructure, HR, application owners, and enterprise service management teams.
What We’re Looking For Basic Required Qualifications
12+ years of experience in IAM, security operations, or identity platform operations, with 5+ years leading teams and service delivery.
Bachelor’s degree in information security, Computer Science, Information Systems, or equivalent experience.
Proven experience operating IAM services at enterprise scale (large user populations, many applications, multi‑region environments).
Strong IAM domain knowledge: authentication, authorization, SSO, MFA, federation (SAML/OIDC), lifecycle management, RBAC/ABAC concepts, and access governance fundamentals.
Strong ITSM and operational management experience: incident/problem/change/request, SLAs/SLOs, metrics, and service health reporting.
Demonstrated ability to manage third‑party SI partners and/or managed services with measurable outcomes (scorecards, SLAs, escalations, coverage models).
Track record delivering automation and self‑service using workflows, APIs, and orchestration with tangible reductions in manual effort and ticket volume.
Experience supporting audits and compliance requirements related to access controls (SOX, SOC 2, ISO 27001, PCI, or similar), including evidence production and remediation.
Excellent stakeholder management and communication skills, including leading major incidents and delivering executive‑level updates.
Leadership and Behavioral Competencies
High ownership and operational rigor with a strong bias for action and measurable outcomes.
Structured problem solving and disciplined root cause analysis with prevention mindset.
Clear communicator under pressure with strong executive presence.
Ability to balance reliability, security, and user experience while driving standardization.
Talent builder who creates leaders and scales operating models globally.
Strong prioritization and roadmap discipline across run, improve, and transform workstreams.
Additional Preferred Qualifications
Experience with leading IAM platforms (Okta, Entra ID, AD, SailPoint, CyberArk, Duo, etc.).
Experience implementing privileged access operational controls, including emergency access, time‑bound access, and privileged session support coordination.
Experience operating in complex environments (multiple directories/tenants, M&A integrations, directory consolidation, app migrations).
Familiarity with Zero Trust principles and identity‑centric security patterns.
Experience applying AI agents or AI‑assisted support in IT or security operations with strong governance and auditability.
Exposure to cloud identity patterns (AWS, Azure, GCP) and CI/CD access models.
Preferred: ITIL, CISSP, CISM, or other relevant certifications.
Compensation / Benefits Information S&P Global states that the anticipated base salary range for this position is $192,000 to $215,000. Final base salary will be based on the individual’s geographic location, as well as experience level, skill set, training, licenses and certifications.
In addition to base compensation, this role is eligible for an annual incentive plan. This role is not eligible for additional compensation such as an annual incentive bonus or sales commission plan.
This role is eligible to receive additional S&P Global benefits. For more information on the benefits we provide to our employees, please click here (https://spgbenefits.com/benefit-summaries/us).
Health & Wellness: Health care coverage designed for the mind and body.
Flexible Downtime: Generous time off helps keep you energized for your time on.
Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company‑matched student loan contribution, and financial wellness programs.
Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best‑in‑class benefits for families.
Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.
Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.
If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.
Job ID: 325148
Posted On: 2026-04-13
Location: Princeton, New Jersey, United States
#J-18808-Ljbffr