Director of Identity & Access Management Security Engineer

About the Company

Cresset is a firm built by clients, for clients. As an independent, award-winning multi-family office and private investment firm, we are reimagining the way wealth is experienced. Our purpose is to help ensure that both wealth and life are fully optimized*—integrated, intentional, and aligned with each client’s vision of success. We provide access to the caliber of talent, ideas, and investment opportunities typically available to the largest single-family offices and institutions. Our approach is personalized, entrepreneurial, and client-first. Proudly owned by our clients and employees, Cresset was built to endure. We are creating a 100 year firm—one focused on delivering an exceptional experience, not only for the families we serve but for the team that serves them. Our commitment to clients has earned recognition by Barron’s and Forbes, listing us among the nation’s top RIA firms. Cresset is guided by long-term relationships, shared success, and a belief that wealth should serve a life well lived. Learn more at www.cressetcapital.com.

About the Role

We are seeking an experienced Director of Identity & Access Management (IAM Lead) to establish and lead our enterprise IAM program. This is a critical leadership role within our Information Security function, responsible for evaluating our current identity landscape, designing a comprehensive IAM strategy, selecting and implementing modern IAM tools, and building a small but highly effective team to support the program. The ideal candidate will bring both strategic vision and hands-on expertise in identity and access management, particularly within financial services or other regulated industries. You will partner closely with security, compliance, and business stakeholders to ensure our IAM program supports security, scalability, and regulatory requirements.

Responsibilities

• Program Strategy & Leadership
• Assess the current identity and access management environment, including processes, technologies, and governance.
• Define and communicate a multi-year IAM strategy aligned with security, compliance, and business needs.
• Establish IAM governance policies and ensure compliance with regulatory requirements (SOX, GLBA, FFIEC, etc.).
• Serve as the senior IAM subject matter expert and advisor to executives, audit committees, and business units.

• Technology Selection & Implementation
• Evaluate, recommend, and lead the deployment of IAM platforms (e.g., Okta, SailPoint, CyberArk, Ping Identity, Azure AD).
• Drive adoption of best practices in identity lifecycle management, privileged access management (PAM), single sign-on (SSO), and multi-factor authentication (MFA).
• Oversee system integration with critical enterprise platforms and applications.

• Team Development
• Build and lead a small but growing IAM team, starting with the hiring of an IAM Analyst.
• Provide mentorship, coaching, and technical leadership to team members.
• Establish processes for ongoing IAM operations, including access requests, reviews, and audits.

• Program Operations
• Oversee IAM operations, including provisioning/deprovisioning, access certifications, and privileged access controls.
• Partner with IT, HR, and business units to streamline onboarding/offboarding and role-based access management.
• Monitor and report on IAM metrics, risks, and compliance status.

Qualifications

• Bachelor’s degree in Information Security, Computer Science, or related field.
• 8 years of progressive IT/security experience, with at least 4 years in IAM leadership roles.
• Prior experience building or significantly scaling an IAM program, ideally within financial services or a similarly regulated environment.

Required Skills

• Deep knowledge of IAM concepts: authentication, authorization, RBAC, PAM, SSO, MFA, IGA (Identity Governance & Administration).
• Hands-on experience with leading IAM platforms (e.g., SailPoint, Okta, CyberArk, Ping, Azure AD).
• Familiarity with cloud IAM and integration with SaaS and on-premises applications.
• Strong understanding of regulatory frameworks (SOX, GLBA, PCI-DSS, FFIEC).

Preferred Skills

• Proven ability to define strategy, build consensus, and lead organizational change.
• Strong leadership, influencing, and communication skills, with ability to engage both technical and non-technical stakeholders.
• Experience managing small teams and external vendors/partners.

*Wealth Optimized, Life Elevated refers to the firm’s philosophy and process in providing advisory and planning services and is not intended to convey a guarantee of results. **Disclosures related to awards, recognitions, and rankings available here. Cresset refers to Cresset Capital Management, LLC and its respective direct and indirect subsidiaries and controlled affiliates. For full list of Cresset subsidiaries and controlled affiliates, please see cressetcapital.com/disclosures.