We have an exciting new opportunity for an Identity & Access Management Manager to join the A&O Shearman Belfast office. This role is responsible for leading the operational delivery of the firm’s Identity and Access Management (IAM) function which encompasses all aspects of access management.
The firm’s ability to keep our clients’ data secure is a bedrock for our reputation as a trustworthy professional services partner to many of the world’s large and prestigious organisations. Information security is not an afterthought; it is core to all that we do, to protect not only our data but that of our clients, and has the unwavering support of the Board.
Led by our new CISO, the in-house Information Security team is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman’s strategy to lead where global complexity creates opportunity.
In addition, you will have the opportunity to share and gain intel from the firm’s cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients’ cyber risk management and incident response programmes.

This role ensures the secure, efficient, and compliant provisioning and governance of access, including role based, privileged and conditional access, across systems and data. Reporting to the Head of Digital Trust, the Manager oversees a team of IAM Managers and Analysts and collaborates closely with the Identity and Access Senior Architect to align operational processes with technical solutions. The role plays a critical part in maintaining a robust IAM framework, managing risk, and supporting audit and compliance initiatives.
This will include:

Strategy and Leadership

• Set the strategy for governing IAM in the firm by outlining clear objectives, establishing comprehensive guidelines, and ensuring alignment with the firm’s overall goals to enable secure and effective identity and access management.
• Lead by example by fostering a collaborative, high-performing team culture that enables continuous improvement and operational excellence across the IAM team.

Risk and Control Management

• Oversee the IAM team in the development, documentation, and maintenance of IAM processes, procedures, and standards, in close collaboration with the IAM Senior Architecture.
• Lead the IAM team in defining and maintaining IAM controls to mitigate access-related risks and ensure compliance with internal policies and external regulations.
• Orchestrate the IAM team in performing risk assessments, ensuring these are conducted regular to identify and remediate any security gaps.
• Support the implementation of corrective actions in response to audit findings and risk reviews.

IAM Operations

• Oversee the day-to-day operations of the IAM team, including:
• Privileged access provisioning, modification, revocation, and review through PAM technology solution;
• Certification of basic and privileged access across the organisation, ensuring compliance with internal and external standards and requirements.
• Maintenance of RBAC and entitlement management frameworks.
• Maintenance of IAM procedural and controls documentation.
• Continuously evaluate and enhance IAM operations to improve efficiency, security, and user experience.
• Work closely with IAM Architecture and Engineering to orchestrate the implementation of automation and self-service capabilities to streamline access management workflows.

Collaboration and Communication

• Work closely with the Identity and Access Senior Architect to ensure alignment between operational processes and technical architecture.
• Collaborate with IT, compliance, and business stakeholders to address IAM-related issues and initiatives.
• Promote awareness and adherence to IAM policies, procedures, and best practices by ensuring these are communicated and disseminated across the firm.

Audit and Compliance

• Ensure that the IAM team provides an appropriate level of support for internal and external audits, so that any required documentation is prepared, and the team is able to demonstrate compliance with IAM controls.
• Engage with external parties and auditors where appropriate/necessary to address any queries or concerns.
• Ensure audit readiness by maintaining accurate records and implementing required improvements.

Team Leadership and Management

• Lead and manage a team of Identity and Access Managers and Analysts, providing coaching, performance management, and professional development.
• Delegate tasks effectively to ensure efficient and timely delivery of IAM services.