IDAM IGA & PAM Technology Lead

POSITION SUMMARY

Zoetis, Inc. is the world's largest producer of medicine and vaccinations for pets and livestock. The Zoetis Tech & Digital (ZTD) Global Technology Risk Management Organization is a key building block of ZTD.

Join us at Zoetis India Capability Center (ZICC) in Hyderabad, where innovation meets excellence. As part of the world's leading animal healthcare company, ZICC is at the forefront of driving transformative advancements and applying technology to solve the most complex problems. Our mission is to ensure sustainable growth and maintain a competitive edge for Zoetis globally by leveraging the exceptional talent in India.

At ZICC, you'll be part of a dynamic team that partners with colleagues worldwide, embodying the true spirit of One Zoetis. Together, we ensure seamless integration and collaboration, fostering an environment where your contributions can make a real impact. Be a part of our journey to pioneer innovation and drive the future of animal healthcare.

The global Identity, Directory & Access Management (IDAM) team defines and enforces policies, executes processes, and enables systems to ensure appropriate access management across Zoetis' digital ecosystem. Key IDAM functions at Zoetis include Identity Governance & Administration (IGA), Directory & Authentication Services, Multi-Factor Authentication (MFA), Public Key Infrastructure (PKI), Customer Identity & Access Management (CIAM), and Privileged Access Management (PAM), among others.

The IDAM IGA & PAM Technology Lead is responsible for overseeing several key Identity, Directory, and Access Management (IDAM) functions from both a technology and day-to-day operational perspective within the ZICC. These functions include IGA, PAM, Identity Data Hygiene, and Level 2 (L2) Support. Within the ZICC, this position will lead a team of approximately 10 colleague resources, including technical and functional engineers, administrators, and support analysts. The ideal candidate must possess deep technical proficiency in key areas and maintain a broad understanding of others. As IDAM services are mission-critical to all Zoetis information systems, this role is primarily responsible for ensuring maximum uptime, security, and operational efficiency. The ideal candidate will also possess deep expertise in business processes enabled by IAM solutions and will engage on multiple projects while collaborating with stakeholders at all levels, including executives.

POSITION RESPONSIBILITIES Percent of Time
• Oversee 16x5 operations for Identity, Directory, and Access Management (IDAM) services, ensuring uninterrupted service and providing off-hours escalation support for high-priority incidents (P1, P2).
• Provide technical leadership and oversight for all relevant IDAM services, focusing primarily on Identity Governance and Administration (IGA), Privileged Access Management (PAM), data flows, and related integrations.
• Monitor and manage system performance to ensure maximum uptime, scalability, and security across in-scope IDAM platforms.
• Supervise Level 2 (L2) and Level 3 (L3) support for identity and authentication issues for both end users and technology teams, ensuring timely resolution and high-quality user experiences.
• Lead incident and problem management processes, ensuring service level agreements (SLAs) are consistently met, root causes are identified, and issues are effectively addressed to prevent recurrence.
• Troubleshoot authentication failures and collaborate with application teams to resolve availability issues, maintaining system reliability and addressing critical challenges.
• Supervise incident response and root cause analysis for authentication service outages, identity synchronization issues, and cybersecurity events to ensure timely recovery and mitigation.
• Serve as a key point of contact and subject matter expert for relevant IDAM programs, providing technical guidance and strategic input for projects and initiatives.
• Plan and supervise installations, maintenance, and changes across in-scope IDAM systems and services.
• Identify opportunities to enhance IDAM services, introduce new features to support business objectives, build compelling business cases, and drive initiatives from conception to successful implementation.
• Drive adherence to global IDAM policies and processes, ensuring secure and efficient access to Zoetis information systems for all users.
• Ensure the ZICC IDAM team collaborates closely with Service Desk, Site Services, and Security Operations teams to enhance IAM support processes and optimize cross-team collaboration.
• Oversee IDAM Data Hygiene activities, ensuring clean, accurate, and well-managed identity data across systems. Collaborate closely with HR and other stakeholders to maintain data quality and integrity.
100%

ORGANIZATIONAL RELATIONSHIPS

• Reports to ZICC based IDAM Program Lead, with dotted line to US-based Head of IDAM and IDAM Operations Lead
• Be part of the global Technology Risk Management organization, which reports to the Chief Information Security Officer (CISO).
• Collaborate regularly with ZTD application, business partner, and infrastructure teams
• Interact with external vendors or partners providing software, services, or APIs that require integration with IDAM systems, including establishing requirements, negotiating contracts, and facilitating technical integration.
• Collaborate with implementation partners responsible for deploying, configuring, or maintaining integrated solutions within Zoetis’ IT landscape.

Supervision
Approximately 10 ZICC colleague members of the IDAM team.

EDUCATION AND EXPERIENCE
Indicate the formal education, certification or license required and/or preferred. Include the minimum number of years of relevant experience required for the position (where legally permissible).
Education:
• University Degree in Computer Science or Information Systems is required
• MS or advanced security/identity courses or other applicable certifications is desirable, including
o Certified Information Systems Security Professional (CISSP)
Experience:
• Minimum 10+ years of experience in Information Systems
• 6+ years of detailed, hands-on experience with IDAM, including IGA and PAM
• 2+ years of experience in the pharmaceutical or other regulated industry, especially Animal Health.
• Experience working with global teams across multiple time zones.
• Proven experience in managing medium to large-scale, global IT projects.
• Demonstrated ability to work within diverse technical teams.
• Proven experience in leading technical teams and managing end-to-end solution delivery.
• Strong experience collaborating with Managed Service Providers (MSPs), with a focus on ensuring quality and alignment.

TECHNICAL SKILLS REQUIREMENTS
This is a combination functional, technical, and leadership role. The ideal candidate will demonstrate proficiency in these areas and provide leadership with respect to specific technologies:

• Identity Governance & Administration (IGA):
o Expertise with SailPoint IdentityIQ (IIQ).
o Proficiency in Identity Lifecycle, Access Request & Recertification, and User Provisioning/Deprovisioning.
o Experience integrating IGA tools with MS Active Directory, ServiceNow, Workday, SAP, and other enterprise systems.
o Strong development skills in Java, Beanshell, XML, or similar languages for customizing workflows, connectors, and creating REST APIs.
o Solid database/SQL skills for data management and integration.
o Knowledge of additional IGA platforms is a plus, such as SailPoint Identity Security Cloud (ISC), Saviynt, etc…
• Privileged Access Management
o Expertise with password vault solutions such as Delinea Secret Server, including password rotation.
o Experience with Just-in-Time Access (JITA) solutions like Netwrix SecureOne.
o Experience integrating PAM solutions with Windows, Linux, Databases, Network Devices, etc…
o Knowledge of additional PAM platforms is a plus, such as CyberArk, etc…
• Data Hygiene
o Experience ensuring clean, accurate, and well-managed identity data across systems.
o Proven ability to establish procedures for decommissioning access for departing employees and reassigning service accounts and entitlements.
o Ability to collaborate with HR to ensure timely and accurate flows of authoritative user data.
• End-User and Technology Team Support
o Provide or supervise Level 2 (L2) and Level 3 (L3) support for identity and authentication issues for both end users and technology teams.
o Troubleshoot authentication failures and collaborate with application teams to resolve availability issues.
o Support incident response and root cause analysis for authentication service outages, identity synchronization issues, and cybersecurity events.
o Work closely with Service Desk, Site Services, and Security Operations teams to enhance IAM support processes.
• Experience with Enterprise & Cloud Directories (Desirable):
o Knowledge of Microsoft Active Directory (AD) management, including trust relationships.
o Functional understanding of Microsoft Entra ID (formerly Azure AD), including Conditional Access Policies, Modern Authentication, Single Sign-On (SSO), and B2B trusts.
o Proficiency in PowerShell scripting for automation and troubleshooting.
o Ability to resolve authentication failures, replication issues, and service outages.
• Desirable Skills:
o Experience with Microsoft Power Apps is a plus, including building or customizing forms and applications to enhance identity-related workflows or integrations.
o Experience with data analytics and automation tools, such as Alteryx, for streamlining workflows and troubleshooting data-related issues is a plus.
o Familiarity with data warehousing concepts and the ability to collaborate effectively with teams managing data warehouses to support identity-related processes is a plus.
• Must be fluent in both written and spoken English, with the ability to communicate effectively across technical and non-technical audiences.

PHYSICAL POSITION REQUIREMENTS

Availability to work between 1pm IST to 10pm IST hours (minimum 3 hours of daily overlap with US ET Time zone)