Senior Director, Identity and Access Management
Alnylam Pharmaceuticals
8 hours ago
Remote friendly (Cambridge, MA)
United States
IT
Responsibilities:
- Define and execute the enterprise IAM strategy and multi-year roadmap aligned to Zero Trust principles and business risk priorities.
- Own identity lifecycle management for employees, contractors, and partners, including joiner/mover/leaver processes.
- Lead identity governance, access certifications, segregation of duties, and policy enforcement across critical systems.
- Oversee privileged access management (PAM) and service account governance to reduce systemic and insider risk.
- Partner with HR, IT, Digital, Compliance, and Legal to ensure IAM controls support business operations and regulatory requirements.
- Ensure IAM platforms are resilient, well-architected, and operationally mature, with clear SLAs and metrics.
- Drive adoption of modern authentication, MFA, conditional access, and identity threat detection.
- Support audits, inspections, and regulatory inquiries related to identity and access controls.
Leadership Responsibilities:
- Build, lead, and develop a high-performing IAM team with strong technical and program management skills.
- Serve as a trusted advisor to the CISO and leadership on identity-related risk and investment decisions.
- Establish clear accountability, operating rhythms, and reporting for IAM initiatives and outcomes.
- Influence without authority and manage cross-functional dependencies.
Qualifications:
- Bachelorโs degree in computer science, information security, engineering, or related field; Masterโs or MBA preferred.
- 15+ years of identity and access management experience; 10+ years in a leadership role.
- Certifications strongly preferred (e.g., CISSP, CCSP, SABSA, TOGAF, or equivalent).
- Deep knowledge of IAM (IGA, PAM, MFA, CIAM, directory services).
- Experience in regulated environments (pharma, biotech, healthcare, or similar).
- Knowledge of NIST CSF, Zero Trust, SOX, HIPAA, and privacy regulations.
- Ability to translate technical risk into business-relevant terms for executives.
Benefits:
- Medical, dental, vision; life and disability insurance; lifestyle reimbursement; flexible spending/health savings accounts; 401(k) with company match.
- Paid time off, wellness days, holidays, and two recharge breaks.
- Family resources and leave.
Location/Work setup:
- Hybrid role based in Cambridge, MA; 3 days/week onsite.
- Define and execute the enterprise IAM strategy and multi-year roadmap aligned to Zero Trust principles and business risk priorities.
- Own identity lifecycle management for employees, contractors, and partners, including joiner/mover/leaver processes.
- Lead identity governance, access certifications, segregation of duties, and policy enforcement across critical systems.
- Oversee privileged access management (PAM) and service account governance to reduce systemic and insider risk.
- Partner with HR, IT, Digital, Compliance, and Legal to ensure IAM controls support business operations and regulatory requirements.
- Ensure IAM platforms are resilient, well-architected, and operationally mature, with clear SLAs and metrics.
- Drive adoption of modern authentication, MFA, conditional access, and identity threat detection.
- Support audits, inspections, and regulatory inquiries related to identity and access controls.
Leadership Responsibilities:
- Build, lead, and develop a high-performing IAM team with strong technical and program management skills.
- Serve as a trusted advisor to the CISO and leadership on identity-related risk and investment decisions.
- Establish clear accountability, operating rhythms, and reporting for IAM initiatives and outcomes.
- Influence without authority and manage cross-functional dependencies.
Qualifications:
- Bachelorโs degree in computer science, information security, engineering, or related field; Masterโs or MBA preferred.
- 15+ years of identity and access management experience; 10+ years in a leadership role.
- Certifications strongly preferred (e.g., CISSP, CCSP, SABSA, TOGAF, or equivalent).
- Deep knowledge of IAM (IGA, PAM, MFA, CIAM, directory services).
- Experience in regulated environments (pharma, biotech, healthcare, or similar).
- Knowledge of NIST CSF, Zero Trust, SOX, HIPAA, and privacy regulations.
- Ability to translate technical risk into business-relevant terms for executives.
Benefits:
- Medical, dental, vision; life and disability insurance; lifestyle reimbursement; flexible spending/health savings accounts; 401(k) with company match.
- Paid time off, wellness days, holidays, and two recharge breaks.
- Family resources and leave.
Location/Work setup:
- Hybrid role based in Cambridge, MA; 3 days/week onsite.