Manager of Identity and Access Management ("IAM")

Manager of Identity and Access Management ("IAM")Cooley is seeking a Manager of Identity & Access Management to join the Security team.Position summary: Cooley Technology embraces a culture of customer service excellence, and all members of the department are expected to move this agenda forward. To that end the Manager of Identity and Access Management ("IAM") leads the firm's identity and access management program, providing strategic direction and operational oversight across identity platforms and access controls. This role is accountable for Microsoft Entra ID (Azure AD), Active Directory, Privileged Access Management, Identity Governance, Cloud Identity ("AWS"), and Certificate Lifecycle Management. IAM Management ensures secure, compliant, and efficient access to firm systems, applications, and data by managing user identities, authentication, authorization, and lifecycle processes. This role partners closely with Cyber Security, Technology, HR, and business stakeholders to reduce risk, support regulatory and audit requirements, and enable business operations. This hands-on leadership role will provide both strategic direction and day-to-day operational management. Specific duties and responsibilities include, but are not limited to, the following:Position responsibilities:Lead the firm's Identity and Access (IAM) program, defining strategy, multi-year roadmap, and operating model across workforce, privileged, cloud, and directory identitiesProvider overall ownership of IAM risk, governance, and control effectiveness, ensuring access to systems and data is secure, compliant, and auditableAct as the primary IAM authority and escalation point, partnering with Cybersecurity, Technology, HR, and business stakeholders to enable access while reducing security and operational riskOversee Microsoft Entra ID (Azure AD) and on-prem Active Directory, including identity lifecycle management, authentication and authorization models, directory hygiene, and enterprise account management processesLead the Privileged Access Management ("PAM") program, including privileged account onboarding, credential vaulting and rotation, access approvals, break-glass procedures, and ongoing governance aligned to least privileged principlesEstablish and operate identity governance processes, including joiner/mover/leaver workflows, access requests, periodic access reviews, exception handling, and remediation trackingDefine and enforce authentication standards including MFA strategy, coverage, exceptions, and conditional access controls, across workforce and privileged identitiesDefine and govern cloud identity practices, with a focus on Entra ID and AWS IAM roles, policies, federation patterns, and secure access models for human and workload identitiesOwn certificate lifecycle management, including inventory, ownership assignment, issuance standards, renewals, revocation, and automation to prevent outages and reduce cryptographic riskEstablish IAM operational cadence and metrics, including intake and prioritization, change coordination, incident support, KPI reporting, and continuous process improvementManage IAM vendors, tooling, documentation, and runbooks, ensuring solutions remain effective, scalable, and aligned with firm standards and evolving security needsEnsure high availability and resilience of IAM services to support 24/7 global legal operationsServe as direct supervisor and mentor to direct reportsProvide day-to-day supervision of direct reports, ensure compliance with assigned work hours and monitor for compliance with all firm and department policies. Manage staffing coverage, review and process time logs/time off requestsSupport business professional development and continued educational opportunitiesIn collaboration with immediate supervisor and central HR, participate in hiring, performance appraisals, counseling, termination and other employee lifecycle eventsAll other duties as assigned or requiredSkills and experience:Required:After orientation at Cooley LLP, exhibit proficiency in the Microsoft Office suite, iManage and other firm applicationsAbility to work extended and/or weekend hours, as requiredAbility to travel, as required5+ years applicable experience in the field (e.g., in Identity and Access Management (IAM), cybersecurity or related technical disciplines, with progressive responsibility across identity platforms and access controls). Senior candidates must have 7+ years experience.Experience leading IAM programs, including setting priorities, managing delivery, and partnering across security, technology and business functionsDemonstrated experience defining and executing IAM strategies and roadmaps, translating risk and regulatory requirements into scalable identity solutionsStrong working knowledge of authentication and authorization models, including MFA strategy, conditional access controls, exception management, and legacy authentication risk reductionHands-on experience with Entra ID (Azure AD) and on-prem Active Directory, including identity lifecycle management, group/role design, and enterprise account administrationExperience leading or operating Privileged Access Management (PAM) programs, including privileged account governance, credential protection, and remediation trackingExperience with cloud identity, including roles, policies, federation patterns, and secure access for human and workload identitiesPreferred:Bachelor's degreeSupervisory experienceSolid understanding of identity governance concepts such as joiner/mover/leaver processes, access request workflows, access certifications, and remediation trackingExperience building or maturing IAM functions and/or technologiesFamiliarity with IAM automation and integrations (HR systems, ITSM systems, CI/CD pipelines, or IaC)Experience supporting regulatory, audit, or compliance programs (e.g., ISO 27001, NIST-aligned controls)Experience managing IAM vendors, contracts, and third-party integrationsRelevant certifications such as CISSP, CISM, CIAM, Azure, AWS, or other IAM-focused certificationsExperience in a law firm or legal services organizationExperience supporting urgent, high-risk legal workflows without service disruptionCompetencies:Demonstrate leadership, accountability, and ownership of outcomesThinks strategically and prioritizes work aligned to business and security goalsExercise sound judgement when balancing security risk, compliance, and business needsBuild strong partnerships and influence stakeholders across technical and non-technical teamsCommunicate clearly with stakeholders at all levels, including leadership and auditorsAbility to adapt effectively to change and drives continuous improvementStrong interpersonal skills and problem-solving skillsAbility to communicate complex IAM concepts clearly to non-technical stakeholders, auditors, and senior leadershipEntrepreneurial by natureExcellent attention to detailAbility to organize, prioritize and coordinate multiple activities often under tight timelinesAbility to drive projects to completion and achieve goalsStrong judgmentTeam-player with collaborative spiritUnwavering ability to handle and maintain confidentiality regarding firm information, projects,client dataHigh level of professionalism at all timesDemonstrated ability to lead through influence and develop talentProactive, analytical mindsetEffective presentation skillsCooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices.EOE.The expected annual pay range for this position with a full-time schedule is $155,000 - $225,000. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate.We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and/or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and/or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off ("PTO") and 10 paid holidays each year. We provide generous parental leave and fertility benefits. New employees will attend a detailed benefit orientation to learn more about our many benefits and resources.