Identity and Access Management (IAM) Governance Lead

About This Role

Lead the strategy, implementation, and governance of Identity and Access Management (IAM) within the International Monetary Fund (IMF). This role ensures robust access controls, compliance with requirements, and alignment of IAM policies with IMF's goals and industry best practices.

Responsibilities

• Design and operationalize a tailored IAM governance framework
• Oversee identity lifecycle and access governance activities, policies, standards, processes, and procedures
• Evaluate the effectiveness of identity lifecycle management and risk reduction measures
• Collaborate with business and IT stakeholders to understand access needs and support business processes
• Engage with key stakeholders for seamless collaboration and information sharing on IAM-related topics
• Oversee the implementation, integration, and operations of IAM tools and technologies
• Influence IAM enterprise architecture and principles, driving the IAM strategic technology roadmap
• Lead the IAM governance committee, communicating compliance expectations and facilitating decision-making
• Identify IAM-related risks and collaborate on access-related compliance monitoring and testing activities
• Oversee enterprise-wide changes impacting the IAM program and identity lifecycle operations
• Monitor IAM program's operational health and maturity through metrics and risk reporting
• Lead the delivery of IAM governance training programs for IT, security teams, and end-users

Requirements

• 8+ years of progressive information security work experience with an advanced degree (or 14+ years with a bachelor's degree)
• Experience leading IAM related programs in mid to large organizations
• Deep experience advising strategies related to authentication, privileged access management, and IAM enforcement in public clouds (Azure-preferred, AWS)
• Robust understanding and direct experience delivering IAM-related zero trust capabilities
• Experience deploying and handling Policy-Based Access Control (PBAC)
• Experience with IT security concepts/technologies (SSO, ADFS, MFA, Privilege Access Management, RBAC/ABAC, PKI)
• Experience implementing least privilege access, segregation of duties (SoD), and just-in-time (JIT) access controls
• Experience with one or more IAM platforms (Microsoft Azure Active Directory, Entra ID, Okta, SailPoint, Saviynt, CyberArk)
• Understanding of security protocols such as OAuth, OpenID Connect, SAML, and Kerberos

Qualifications

• Advanced degree in information security, computer science, engineering, mathematics, or related field of study or a bachelor’s degree in information security, computer science, engineering, mathematics, or related field of study.
• Minimum of 8 years progressive information security work experience with an advanced degree, or minimum of 14 years with a bachelor's degree. Experience leading IAM related programs in mid to large organizations.

Skills

* Required skills

Certifications