Sr Mgr., Active Directory Identity Access Mgmt. Engineering

Bring your heart to CVS Health. Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced human-centric health care for a rapidly changing world. Anchored in our brand — with heart at its center — our purpose sends a personal message that how we deliver our services is just as important as what we deliver.
 
Our Heart At Work Behaviors™ support this purpose. We want everyone who works at CVS Health to feel empowered by the role they play in transforming our culture and accelerating our ability to innovate and deliver solutions to make health care more personal, convenient and affordable.

Position Summary
The Senior Manager of Active Directory (AD) Identity and Access Management (IAM) Engineering is a senior leadership role responsible for overseeing and driving the strategic direction, development, and engineering execution of the organization’s IAM program. This individual will lead a team of security engineers, manage Active Directory IAM solutions, and ensure the integrity and security of digital identities across enterprise systems. The Sr. Manager will work closely with IT, security, compliance, and business units to ensure that IAM policies and processes align with organizational goals and regulatory requirements.

Key Duties and Responsibilities:

• Leadership & Strategy:
  • Lead the IAM AD Engineering team to deliver effective identity and access management services and solutions across the organization.
  • Develop and implement the IAM strategy to support the company’s security, compliance, and business objectives.
  • Provide strategic guidance to senior leadership on IAM-related risks, opportunities, and operational needs.
  • Foster a collaborative and high-performance culture within the IAM Engineering and operations team.
  • Build a culture of continuous learning within the team to stay abreast of emerging IAM technologies, trends, and best practices.
  • Establish and manage key performance indicators (KPIs) to measure team performance, IAM system effectiveness, and operational efficiency.

• Engineering Management:
  • Oversee the day-to-day engineering and automation of IAM systems, ensuring their availability, scalability, and performance.
  • Ensure the efficient operation of identity governance processes, such as provisioning, de-provisioning, role-based access controls (RBAC), and user access reviews through automation.
  • Collaborate with IT operations to monitor and resolve IAM-related incidents, ensuring timely response and resolution.
  • Implement and enforce IAM policies, standards, and best practices to ensure alignment with industry standards and regulatory requirements (e.g., GDPR, HIPAA, SOX), including recommended corrective actions as needed.

• Continuous Improvement
  • Identify opportunities for automation, optimization, and modernizations of AD IAM portfolio.
  • Drive initiatives to improve efficiency, reduce operational overhead, and ensure scalability.
  • Implement solutions that provide zero touch administration for both AD IAM Engineering and Operations teams.

• Risk & Compliance:
  • Identify and mitigate risks associated with identity management, including insider threats, credential abuse, and data breaches.
  • Ensure that IAM practices and controls meet regulatory compliance and audit requirements.
  • Prepare and present periodic reports to executive leadership on IAM performance, risk posture, and compliance status.

• Team Management & Development:
  • Manage and mentor a team of AD IAM engineers, providing career development, training, and performance management.
  • Build a culture of continuous learning within the team to stay abreast of emerging IAM technologies, trends, and best practices.
  • Establish and manage key performance indicators (KPIs) to measure team performance, IAM system effectiveness, and operational efficiency.

Required Qualifications:
 

•  7+ years of experience in Active Directory or related IAM security domains.
•  7+ years of experience in Active Directory integrations, identity governance, and privileged access management
•  5+ years of experience in IAM tools and technologies such as Okta or SailPoint or Microsoft Identity Manager, or equivalent.
•  5+ years of experience with cloud IAM solutions (e.g., AWS IAM, Azure AD, Google Identity) is highly preferred.
•  5+ years of experience with managing IAM operations in large-scale, complex environments.
•  5+ years of experience with security protocols and frameworks (e.g., SAML, OAuth, OpenID Connect, MFA).
•  3+ years in a leadership role and performance management.

Preferred Qualifications:

• Strong leadership and team management skills, with the ability to motivate, mentor, and develop staff.
• Knowledge of relevant compliance frameworks such as NIST, ISO 27001, GDPR, and SOC 2.
• Excellent communication and presentation skills, with the ability to engage and influence senior leadership and stakeholders.
• Deep knowledge of security principles, access control models, and risk management.
• Strategic thinking and a problem-solving mindset, with the ability to manage multiple priorities and complex projects.
• Strong understanding of IT infrastructure, cloud computing, and enterprise systems.

Education:

• Bachelor’s degree in computer science, Information Security, Information Technology, or relevant work experience.
• A master’s degree is a plus.
• Relevant IAM certifications such as CISSP, CISM, or other security and IAM-related certifications are highly desirable.
• Relevant Microsoft certifications such as MCSE, Office 365, Azure, or Messaging.

Pay Range

The typical pay range for this role is:

$130,295.00 - $260,590.00

This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls.  The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors.  This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.  This position also includes an award target in the company’s equity award program. 
 
In addition to your compensation, enjoy the rewards of an organization that puts our heart into caring for our colleagues and our communities.  The Company offers a full range of medical, dental, and vision benefits.  Eligible employees may enroll in the Company’s 401(k) retirement savings plan, and an Employee Stock Purchase Plan is also available for eligible employees.  The Company provides a fully-paid term life insurance plan to eligible employees, and short-term and long term disability benefits. CVS Health also offers numerous well-being programs, education assistance, free development courses, a CVS store discount, and discount programs with participating partners.  As for time off, Company employees enjoy Paid Time Off (“PTO”) or vacation pay, as well as paid holidays throughout the calendar year. Number of paid holidays, sick time and other time off are provided consistent with relevant state law and Company policies. 
 
For more detailed information on available benefits, please visit Benefits | CVS Health

We anticipate the application window for this opening will close on: 02/12/2025

Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.