Security Solutions Lead Consultant - Identity and Access Management IAM

Qualifications:

Required

• 8-12 years of experience in cybersecurity with a sustained focus on Identity and Access Management; must include 5+ years in a senior consulting or technical leadership role with hands-on IAM platform implementation and client advisory experience
• Demonstrated experience serving as an IAM technical SME within pursuit or sales teams, with a track record of contributing to scoping, pricing, and winning consulting engagements
• Deep technical expertise across IAM domains, including:
• IGA - SailPoint IdentityNow/IdentityIQ, Saviynt, Omada, or One Identity: role engineering, access certification, SoD policy design, joiner-mover-leaver lifecycle management, connector architecture, and entitlement catalog design
• PAM - CyberArk (Core PAS, EPM, Conjur), BeyondTrust (Password Safe, Privilege Management), or Delinea/Thycotic: vault architecture, privileged account onboarding, session recording, just-in-time access, and least-privilege enforcement
• Access Management - Okta, Ping Identity (PingFederate, PingOne), Microsoft Entra ID, or ForgeRock: SSO architecture, adaptive MFA, SAML 2.0, OAuth 2.0, OIDC, SCIM provisioning, and federation design
• Cloud Identity - AWS IAM/IAM Identity Center, Azure Entra ID, GCP IAM, CIEM tools (Wiz, Ermetic, Sonrai): cloud entitlement governance, CIEM policy design, and cloud-native IAM patterns
• Directory Services - Active Directory (design, tiered admin model, hardening), Azure AD Connect, LDAP, and virtual directory architectures (Radiant Logic, Microsoft MIM)
• Working knowledge of identity and security governance frameworks: NIST SP 800-53 (AC and IA control families), NIST CSF 2.0, NIST SP 800-207 (Zero Trust Architecture), ISO 27001/27002, MITRE ATT&CK credential access and lateral movement tactics, SOX ITGC access control requirements, HIPAA Security Rule, PCI DSS, and DORA as it relates to identity resilience
• Practical understanding of the identity-security interplay across adjacent domains: application security (OAuth/OIDC, API security), identity threat detection and response (ITDR), endpoint and device trust, and privileged attack paths including credential compromise and lateral movement
• Demonstrated consulting delivery competencies, including:
• Structured discovery and assessment: design and execute current-state IAM discovery engagements, conduct stakeholder interviews and technical SME sessions, synthesize findings into clearly structured, actionable outputs
• Gap analysis and maturity evaluation: assess and communicate IAM program maturity across technology, process, governance, and organizational readiness dimensions against recognized frameworks; prioritize findings by business risk and identity risk impact
• Executive communication: translate complex IAM findings into clear, concise narratives for CISO and senior leadership audiences; adapt message depth and framing to technical and business stakeholders
• Workshop facilitation: design and lead executive workshops, IAM program kickoffs, cross-functional discovery sessions, and technical design sessions; drive alignment among stakeholders with competing priorities
• Roadmap and program planning: develop phased IAM execution roadmaps with initiative prioritization, dependency mapping, ROM estimates, and milestone sequencing aligned to client business constraints and risk objectives
• Deliverable excellence: consistent track record of producing client-ready IAM deliverables - assessments, maturity scorecards, gap registers, architecture recommendations, roadmaps, and program plans - that meet professional services quality standards
• Stakeholder and engagement management: manage complex, multi-stakeholder IAM engagements; navigate competing priorities, set and manage expectations, escalate risks appropriately, and sustain client trust through ambiguity
• Practice Development: Develop, maintain, and enhance IAM service offerings including methodologies, marketing content, deliverable templates, and practice capabilities
• Sales and Pipeline Management: Identify, shape, and drive IAM opportunities from initial discussions through proposals, SOW, fee estimation, level of effort, margins, leveraged team structures, and deal closure

Preferred

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field
• Advanced certifications: CISSP, CISM, CISA, CRISC, CCSP, or equivalent; vendor-specific certifications from SailPoint, Okta, CyberArk, BeyondTrust, Microsoft (SC-300, SC-400, AZ-500), or Saviynt are highly valued
• Experience in IAM program governance, policy development, and regulatory compliance design across financial services, healthcare, retail, manufacturing, or public sector
• Contributions to IAM thought leadership: white papers, conference presentations, or intellectual property that strengthen practice market presence
• Familiarity with regulatory and compliance drivers for identity programs, including SEC cyber disclosure rules, DORA, HIPAA, SOX, NERC CIP, or PCI DSS requirements as they relate to identity governance and access control

Key Competencies

• Trusted IAM client advisor
• Delivery excellence and workstream ownership
• Technical SME depth across IGA, PAM, Access Management, and cloud identity
• Pursuit and solutioning acumen

Success in this role means consistently delivering high-quality IAM engagements that clients trust, contributing to won pursuits through credible scoping and solutioning, mentoring the next wave of IAM consultants, and advancing WWT's IAM practice through reusable assets and thought leadership that deepens client relationships and drives practice growth.

Want to learn more about Consulting & Security Services? Check us out on our platform:

https://www.wwt.com/consulting-services

https://www.wwt.com/category/security-transformation

Certain states and localities require employers to post a reasonable estimate of salary range. A reasonable estimate of the current base pay range for this position is $127,00 to $160,000 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base pay.

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

• Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
• Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
• Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement
• Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a culture of belonging that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All!

If you have any questions or concerns about this posting, please email taposting@wwt.com.

#LI-MP2

#LI-REMOTE