Sr Identity Access Management - Remote

SitusAMC is where the best and most passionate people come to transform our client’s businesses and their own careers. Whether you’re a real estate veteran, a passionate technologist, or looking to get your start, join us as we work together to realize opportunities for everyone, we proudly serve. At SitusAMC, we are looking to match your unique experience with one of our amazing careers, so that we can help you realize your potential and career growth within the Real Estate Industry. If you are someone who can be yourself, advocate for others, stay nimble, dream big, own every outcome, and think global but act local – come join our team! This role is responsible for overseeing the strategy, implementation, and governance of identity and access management across corporate and client environments. This role ensures secure, complaint, and efficient access to systems and applications, safeguarding critical assets and data. The AVP will lead initiatives to strengthen identity security, enforce access controls, and maintain compliance with organizational and regulatory standards. This role possesses a deep technical expertise in IAM platforms, strong leadership skills, and the ability to collaborate effectively with business and technology stakeholders. Essential Job Functions: Define and maintain the IAM strategy, roadmap, and reference architecture covering workforce, privileged, non-human, and application identities. Champion Zero Trust principles—strong authentication, continuous evaluation, least privilege, and just-in-time access. Align IAM programs with enterprise security architecture, cloud adoption, data protection, and digital transformation initiatives. Establish governance for identity lifecycle, access policies, and compliance with internal standards and external regulations (SOX, HIPAA, PCI DSS, GDPR, ISO 27001). Own joiner–mover–leaver (JML) processes and ensure accurate, timely provisioning and deprovisioning integrated with HRIS and directories. Implement and maintain RBAC/ABAC models, role mining, segregation of duties (SoD), and toxic combination controls. Govern federation standards (SAML, OIDC/OAuth2), app onboarding, token lifecycles, and session management. Optimize user experience while maintaining security for workforce, partners, and service accounts. Enforce least privilege, credential vaulting, session recording, and JIT elevation for admins and high-risk roles. Govern break-glass procedures and reduce standing privileges across servers, network devices, cloud control planes, and DevOps toolchains. Govern identities, roles, and policies across cloud providers (Azure, AWS, GCP) and SaaS platforms. Implement controls for workload identities, service principals, managed identities, and API authentication. Maintain IAM controls to meet regulatory requirements and internal policies. Prepare for audits, produce evidentiary artifacts, and manage remediation plans. Conduct periodic access reviews, entitlement clean-up campaigns, and report residual risk to leadership. Lead day-to-day operations of IAM platforms ensuring availability, scalability, and incident response. Establish SLAs/OLAs, runbooks, and knowledge articles; drive MTTR improvements and change management discipline. Oversee identity data quality, directory hygiene, and deprovisioning efficacy to minimize orphaned accounts. Coordinate with Security, HR, Legal, Compliance, IT Operations, App Owners, and Data Governance for end-to-end alignment. Communicate complex identity risks and trade-offs to executive stakeholders in business terms. Maintain user accounts and permissions for corporate and client systems, including proprietary platforms. Resolve access-related issues (e.g., MFA failures, provisioning errors) within established SLAs. Document resolutions for compliance and knowledge sharing. Benchmark against industry best practices and drive IAM capability maturity (e.g., NIST/CMMI frameworks). Conduct post-incident reviews and prioritize backlog for continuous improvement. Other activities as may be assigned by your manager. Qualifications/ Requirements: Bachelor’s degree in related field or equivalent combination of education and experience Minimum of 6+ years of industry and/or relevant experience, typically with 1+ years in a Senior Associate level role or external equivalent. Hands-on experience with IAM platforms such as Microsoft Entra ID (Azure AD), SailPoint, CyberArk, Okta, or similar. Proven track record in implementing SSO, MFA, RBAC/ABAC, and Privileged Access Management (PAM) solutions. Experience managing identity lifecycle processes (JML) and integrating with HR systems and directories. Strong background in cloud identity management (Azure, AWS, GCP) and federation protocols (SAML, OAuth 2.0, OpenID Connect). Proficiency in PowerShell or other scripting languages for IAM automation. Knowledge of Windows Server, Active Directory, and modern authentication technologies. Familiarity with Zero Trust principles, id Apply tot his job Apply To this Job