Cyber Security IAM Leader

Position SummaryAre you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte Technology US (DT - US). We are curious and life-long learners focused on technology and innovation.Recruiting for this role ends on 4/25/2026.Work you'll doLead Identity and Access Management (IAM) initiatives for DT-US as the leader of the US IAM Cyber Security team, maturing IAM into a modern, product-driven identity platform aligned with Deloitte's business requirements and go to market strategies.Provide strategic leadership, architectural direction, and engineering oversight across Identity Governance and Administration (IGA), Privileged Access Management (PAM), Authentication (Single Sign-On (SSO), Multi-Factor Authentication (MFA), passwordless), and emerging domains such as authorization services, workload/machine identity, and AI/agentic identity.Drive the evolution of IAM from tool-based implementations to scalable platform services, focused on secure, low-friction access across workforce, partner, client, and machine identities.Illustrative Duties and ResponsibilitiesLead the execution of aligning applications and systems to Deloitte's next-generation IAM platform, including identity lifecycle, authentication, authorization, and privileged access capabilities, while ensuring alignment with global enterprise direction and U.S. MF business requirements.Define and implement IAM architecture and standards, in alignment with global enterprise strategy and with influence on that strategy to reflect U.S. MF business requirements, including:Identity data architecture (authoritative sources, identity lifecycle, identity correlation)Authentication platforms (SSO, MFA, passwordless)Authorization strategy (policy-based access, fine-grained access control)Privileged and workload identity (ephemeral access, secrets management)Establish and lead IAM as a product-based operating model, organizing teams around platform capabilities (e.g., Identity Platform, Governance, Privileged Access, Authorization).Oversee a team responsible for the design, integration, deployment, and operation of IAM services, ensuring scalability, reliability, adoption, and alignment with enterprise and business priorities.Serve as a trusted advisor to stakeholders to design and deliver IAM solutions and strategies that balance security, usability, and business enablement, while ensuring U.S. MF requirements are effectively represented in broader enterprise decisions.Drive the transition from traditional role-based access control (RBAC) to policy-based and attribute-driven access models (ABAC / contextual authorization).Lead the implementation of modern identity capabilities, including:Machine and workload identity (APIs, services, pipelines)Secrets management and credential lifecycle automationJust-in-time (JIT) and ephemeral privileged accessIdentity services exposed via APIs for developer consumptionCommunicate IAM architecture, strategy, and implementation approaches at both technical and business levels, including across global and U.S. MF stakeholders, to drive alignment, understanding, and adoption.Lead senior team members in the design, development, testing, and implementation of IAM solutions, controls, and governance frameworks.Perform technology research, hands-on evaluation, and provide architectural recommendations aligned to enterprise strategy, global standards, and U.S. MF business use cases.Evaluate and guide build vs. buy decisions for emerging IAM capabilities such as authorization platforms and workload identity frameworks, considering enterprise strategy, global alignment, and business needs.As part of the largest component within a global enterprise, influence IAM strategies, standards, and platform direction to ensure global alignment with U.S. MF business requirements.Decision Making / Judgment RequiredDefine and execute IAM strategy, architecture, and operating model with a high degree of autonomy.Make enterprise-level decisions regarding identity platforms, authorization models, and governance frameworks, that must complement business strategy and integrate within the global enterprise.Balance strategic transformation goals with operational stability.Lead complex IAM initiatives, including cross-functional alignment and stakeholder consensus building.Navigate ambiguity and evolving requirements, particularly in emerging areas such as AI/agentic identity and machine identity.Continuously improve IAM posture from both technical and business perspectives.Technical SkillsCore IAM DomainsIdentity Governance and Administration (IGA)Privileged Access Management (PAM)Authentication (SSO, MFA, federation, passwordless)Identity lifecycle management and provisioningEnterprise directory architecture and designModern IAM CapabilitiesPolicy-based authorization (PBAC/ABAC, contextual access, policy engines)Machine/workload identity and secrets managementAPI and developer identityZero Trust architecture principlesMulti-cloud identity (Azure, AWS, GCP)Technical & Engineering ExperienceExperience designing enterprise-scale IAM architecturesWith greater than >200,00 identitiesGlobally dispersed primarily remote workforce supporting international clientsAPI-driven and platform-based service designIntegration with modern application architectures (microservices, APIs)Familiarity with global identity standards (OIDC, OAuth, SAML, SCIM, LDAP)Programming / Infrastructure (Preferred)Java, JavaScript, or similar languagesPowerShell, Bash, or scripting toolsDatabase technologies (MSSQL, MySQL, Oracle)Windows and Linux administrationDirectory services (Active Directory, LDAP-based systems)What Success Looks LikeIAM operates as a scalable identity platformAccess is policy-driven, contextual, Just-in-Time and low-frictionHuman and machine identities are governed consistentlyPrivileged access is ephemeral and risk-basedDevelopers consume identity services via APIs and platform capabilitiesDeloitte's IAM environment reflects leading practices delivered to clientsThe teamDeloitte Technology US (DT - US) helps power Deloitte's success, which serves many of the world's largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.The ~3,000 professionals in DT - US deliver services including:Cyber SecurityTechnology SupportTechnology & InfrastructureApplicationsRelationship ManagementStrategy & CommunicationsProject ManagementFinancialsCyber SecurityCyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.Areas of focus include:Risk & ComplianceIdentity & Access ManagementData ProtectionCyber DesignIncident ResponseSecurity ArchitectureBusiness PartnershipRequired Qualifications:Bachelor's degree or equivalent in Computer Science, Computer Engineering, Business AdministrationMinimum 10 years of experience in IAM or enterprise identity architectureMinimum 5 years of experience in IAM architecture and integration across enterprise systemsMinimum 5 years of experience in deployment and operationalization of IAM or security technologiesExperience leading large-scale IAM transformations in complex environmentsExperience with IAM platforms such as SailPoint, CyberArk, Azure AD (or equivalent)Experience working with consulting partners and vendor ecosystemsMinimum 2 years of people and/or process management experienceAbility to travel 0-10%, on average, based on the work you do and the clients and industries/sectors you serveMust be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.Preferred Qualifications:* Advanced Cyber, Computer Science or Engineering degree preferred* Certifications such as Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP), or Cybersecurity Analyst (CySA+), with CyberArk Sentry or Guardian (preferred)The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $118,700-$243,700.You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.Information for applicants with a need for accommodation:https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.htmlEA_ExpHireRITM10327765Deloitte is committed to providing reasonable accommodations for people with disabilities. If you require a reasonable accommodation to participate in the recruiting process, please direct your inquiries to the Global Call Center (GCC) at USTalentCICInbox@deloitte.com.Recruiting tipsFrom developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.BenefitsAt Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.Our people and cultureOur inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ways of thinking, ideas, and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.Our purposeDeloitte's purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more.Professional developmentFrom entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.As used in this posting, "Deloitte" means Deloitte Services LP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.Requisition code: 328650Job ID 328650