Are you someone who challenges the status quo, acts autonomously, and has experience leading data management and governance in broadscale transformation programs? Are you ready to take the next leap in your career by leveraging your experience to influence product strategy and build a world-class product organization that will have a global impact? Bring your expertise in IGA, IAM, PBAC, and RBAC to help modernize our security platforms, streamline processes, and ensure robust protection of sensitive assets. If you're passionate about translating security strategy into tangible business outcomes, thrive in a collaborative environment, and are ready to elevate your career, this exciting opportunity is for you!

Work you'll do

As an Identity and Access Management (IAM) Manager, play a pivotal role in shaping the future identity and access management for our dynamic enterprise. You will champion the design, implementation, and continuous enhancement of application security controls, driving transformation across authentication, authorization, and identity governance solutions. With a focus on innovation, scalability, and best-in-class security, you'll collaborate with cross-functional teams to align security strategy with evolving business needs and regulatory requirements.

• As an IAM Manager, you will own delivery execution for CIAM/IGA/PBAC access management initiatives, scope, plan, dependencies, and release readiness, supporting GES service offerings.
• Collaborate with business leaders, product owners, security architects, and cross-functional teams to translate security requirements into delivery plans (backlog, milestones, cutover and testing) for authentication, authorization, and identity governance enhancements.
• Lead implementation teams responsible for deploying solutions and ensuring timely, secure, and effective rollouts.
• Operationalize and enforce security standards through best practices, reference patterns and application onboarding checklists to drive consistency, reliability, and scalability across the platform.
• Continuously improve access controls by identifying gaps through incidents and audit findings, driving remediation, and reducing repeat issues through standard patterns.
• Drive detailed implementation across application/product teams by managing requirements, integration design, testing, and cutover for prioritized Authorization and governance capabilities. .
• Own delivery of the approved roadmap by maintaining a transparent execution plan, reporting progress/risks, and driving decisions needed to hit release targets.
• Build and nurture strong partnerships with our Quality and Risk Management (QRM) and Global Cyber teams to align delivery, review designs, document exceptions, obtain approvals, and ensure audit-ready evidence.
• Drive adoption of CIAM patterns and governance workflows across teams through enablement, onboarding support, and a clear 'definition of done' for access controls.
• Run operating cadence (weekly delivery sync, RAID log, release readiness reviews) and communicate priorities, status, risks, and dependencies.
• Manage vendor integrations and delivery outcomes (SSO federation onboarding, lifecycle management, support model, SLAs) to ensure new capabilities are production ready.

The team

At Deloitte Tax LLP, our Global Employer Services (GES) Technology Group consultants help multinational clients develop programs, processes and digital offerings to manage a global workforce and the compliance obligations arising from global mobility, business travel and remote working. People within our technology group come from a diverse background - they partner with our go-to-market teams and global clients to solve challenging problems and design experiences and products that anticipate what our Deloitte clients will want and also solutions that keep them compliant with global and local regulations.

Qualifications:

Required

• Bachelor's degree in computer science, information security, software engineering, or a related discipline.
• Ability to perform job responsibilities within a hybrid work model that requires US Tax professionals to co-locate in person 2 - 3 days per week.
• 5+ years of experience in Identity Access Management (IAM), Identity Governance (IGA), CIAM, or application security, with a background in cloud service platforms (e.g., AWS, Azure) and focusing on product security.
• Demonstrated subject matter expertise in IGA, IAM, PBAC, and RBAC technologies and strategies.
• Hands-on expertise delivering large scale CIAM/IGA capabilities using PBAC/RBAC patterns, including rollout and operationalization.
• Expertise in policy-as-code for PBAC implementations (e.g. Cedar, Rego, JSON, YAML).
• Proven ability to influence teams, drive adoption of standards, build strong relationships across technical and non-technical stakeholders.
• Demonstrated experience in vendor management, evaluating and integrating security products into enterprise environments.
• Ability to travel up to 10%, on average, based on the work you do and the clients and industries/sectors you serve.
• Limited immigration sponsorship may be available.
• One of the following accreditations obtained:
• Licensed CPA in state of practice/primary office if eligible to sit for the CPA
• If not CPA eligible:
• Licensed attorney
• Enrolled Agent
• Technology Certifications
• AWS Certified Solutions Architect
• Certified Information Systems Security Professional (CISSP)
• Certified SAFe® Product Owner / Product Manager
• Microsoft Certified Solutions Developer (MCSD)
• Microsoft MCSD Certification
• Project Management Professional (PMP)
• Six Sigma (Green or Black Belt)

Preferred

• Certified Identity and Access Manager (CIAM), or other IGA/IAM-focused credentials.
• Previous experience with Big 4 or other large technology consulting firms.
• Experience with global/multinational businesses.
• Experience in end-to-end product lifecycle, specifically implementing product security.
• Ability to visualize and communicate and collaborate effectively across teams and convey complex security topics to all audiences.
• Expertise in creating and implementing efficient processes and standards in large organizations.
• Knowledge of risk management and compliance expectations related to authentication and authorization for regulated environments.
• Experience in end-to-end application security solution design.
• Strong written and verbal communication skills, evidenced by experience collaborating across technical and non-technical teams.
• Excellent interpersonal and organizational skills, with the ability to handle diverse situations, complex projects, and changing priorities, behaving with passion, empathy, and care.

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $111,090 to $235,170.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Information for applicants with a need for accommodation:
Hyperlink: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html