Identity and Access Management Lead

Avon Products
Warsaw, United States of America
19 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Warsaw, United States of America

Tech stack

Microsoft Active Directory
Software as a Service
Cloud Computing
Cloud Computing Security
Computer Security
DevOps
Identity and Access Management
OAuth
Role-Based Access Control
Openid Connect
Azure
Zero Trust Network Access
Security Assertion Markup Language (SAML)
Single Sign-On
Cyberark
SailPoint

Job description

As the Identity & Access Management (IAM) Manager In this role, you'll lead Avon's cloud-first Identity and Access Management (IAM) program, making sure the right people and systems have the right access at the right time. You'll shape how identities are created, managed and protected across cloud, SaaS and hybrid environments, aligning everything to Zero Trust principles and the NIST ICAM framework. You'll work closely with technology, security, HR and audit teams, act as a trusted IAM subject-matter expert, and guide the organization through secure cloud growth. You'll also lead and support an IAM team, take ownership of IAM-related risks and incidents, and help balance strong security with a smooth user experience., What you'll be working on:

  • Defining and delivering a cloud-first IAM strategy aligned to NIST ICAM and Zero Trust
  • Designing and running identity lifecycle processes (joiner, mover, leaver) for people and non-human identities
  • Implementing and improving Identity Governance and Administration (IGA) using tools such as SailPoint
  • Building and maintaining role-based access models, access reviews and approval workflows
  • Leading Privileged Access Management (PAM) using platforms like CyberArk, with a focus on just-in-time access
  • Strengthening authentication and access controls, including MFA, conditional access and password less options
  • Enabling secure Single Sign-On (SSO) and federation using modern protocols (SAML, OAuth, OpenID Connect)
  • Managing and optimizing Microsoft Entra ID and Active Directory in cloud and hybrid environments
  • Partnering with cloud, DevOps and security teams to embed IAM into cloud security architectures

Requirements

  • 7+ years of experience in Identity and Access Management, cloud security or cybersecurity
  • Strong knowledge of IAM concepts such as RBAC, least privilege, JIT access, IGA and PAM
  • Hands-on experience with Microsoft Entra ID (Azure AD) and Active Directory
  • Experience with IGA and PAM tools such as SailPoint and CyberArk, or similar platforms
  • A solid understanding of authentication, authorization, AAA and identity federation standards
  • Confidence working in cloud-first, SaaS-heavy enterprise environments
  • The ability to lead teams, make clear decisions and communicate effectively with both technical and non-technical stakeholders
  • Relevant security or identity certifications are a plus, but not required

Apply for this position