JOB DESCRIPTION

Director, Cybersecurity IAM Engineering provides leadership and guidance to senior cybersecurity colleagues, leading high-performing teams in the strategic engineering of Identity and Access Management solutions for the enterprise.

RESPONSIBILITIES

The Identity & Access Management (IAM) Engineering Leader is responsible for leading the strategy, architecture, delivery, and operation of enterprise IAM platforms and services. This role oversees a team of engineers responsible for identity governance and access lifecycle management. The leader partners closely with cybersecurity, infrastructure, application development, risk, compliance, and business teams to ensure secure, scalable, and user-friendly access solutions across the organization.

Key Responsibilities

Leadership & Team Development

• Lead, mentor, and develop a high-performing team of IAM engineers and technical specialists.
• Establish clear goals, performance expectations, and career development plans.
• Foster a culture of accountability, innovation, operational excellence, and continuous learning.
• Recruit, retain, and develop top IAM engineering talent.

IAM Strategy & Architecture

• Define and execute the enterprise IAM roadmap aligned with business and security objectives with a specific focus on transforming IAM controls and processes using Agentic AI.
• Drive modernization initiatives including Zero Trust, adaptive access controls, and cloud identity services.
• Establish IAM reference architectures and engineering best practices.
• Evaluate emerging technologies and industry trends to improve security posture and user experience.

Engineering & Delivery

• Oversee design, implementation, and support of IAM platforms, specifically Identity Governance and Administration (IGA), Directory Services (Active Directory, Entra ID, LDAP), and API and machine identity management
• Ensure solutions are scalable, resilient, secure, and compliant.
• Drive automation and Infrastructure-as-Code practices to improve efficiency and reduce risk.

Security & Risk Management

• Partner with Cybersecurity teams to implement strong identity controls and access governance.
• Ensure compliance with regulatory requirements and internal security policies.
• Lead remediation efforts related to identity-related audit findings and security risks.
• Support incident response and investigations involving authentication or access control issues.

Stakeholder Engagement

• Collaborate with executive leadership, security teams, application owners, and business stakeholders.
• Communicate IAM strategy, risks, metrics, and program progress to senior management.
• Influence enterprise-wide adoption of identity standards and best practices.

QUALIFICATIONS

Required Qualifications

• Bachelor's degree in Computer Science, Information Security, Engineering, or related field.
• 8+ years of experience in Identity & Access Management, Cybersecurity, or Infrastructure Engineering.
• 3+ years of people leadership experience managing technical teams.
• Deep understanding of IAM concepts including authentication, authorization, federation, identity governance, and privileged access management.
• Strong understanding of cloud security and identity services across AWS, Azure, and GCP, Active Directory, RACF as well as authorization structures used within applications.
• Experience leading large-scale IAM transformations and modernization initiatives.

Preferred Qualifications

• Experience with DevSecOps, API security, and identity automation.
• CISSP, CISM, CIAM, CCSP, or equivalent certifications.
• Experience implementing Zero Trust security architectures.
• Knowledge of regulatory frameworks such as SOX, PCI-DSS, NIST, ISO 27001, and GDPR.
• Experience leading deployment of Agentic AI solutions for Information Security process and controls.

Employment eligibility to work with American Express in the United States is required as the company will not pursue visa sponsorship for these positions.