Identity & Access Management Manager

We have an exciting new opportunity for an Identity & Access Management Manager to join the A&O Shearman Belfast office. This role is responsible for leading the operational delivery of the firm's Identity and Access Management (IAM) function which encompasses all aspects of access management.

Apply today via the link below or contact [email protected] to find out more.

About the team

The firm's ability to keep our clients' data secure is a bedrock for our reputation as a trustworthy professional services partner to many of the world's large and prestigious organisations. Information security is not an afterthought; it is core to all that we do, to protect not only our data but that of our clients, and has the unwavering support of the Board.

Led by our new CISO, Yolande Young, the in-house Information Security team is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman's strategy to lead where global complexity creates opportunity.

In addition, you will have the opportunity to share and gain intel from the firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients' cyber risk management and incident response programmes.

What you will do

This role ensures the secure, efficient, and compliant provisioning and governance of access, including role based, privileged and conditional access, across systems and data. Reporting to the Head of Digital Trust, the Manager oversees a team of IAM Managers and Analysts and collaborates closely with the Identity and Access Senior Architect to align operational processes with technical solutions. The role plays a critical part in maintaining a robust IAM framework, managing risk, and supporting audit and compliance initiatives.

This will include:

Strategy and Leadership

• Set the strategy for governing IAM in the firm by outlining clear objectives, establishing comprehensive guidelines, and ensuring alignment with the firm's overall goals to enable secure and effective identity and access management.
• Lead by example by fostering a collaborative, high-performing team culture that enables continuous improvement and operational excellence across the IAM team.

Risk and Control Management

• Oversee the IAM team in the development, documentation, and maintenance of IAM processes, procedures, and standards, in close collaboration with the IAM Senior Architecture.
• Lead the IAM team in defining and maintaining IAM controls to mitigate access-related risks and ensure compliance with internal policies and external regulations.
• Orchestrate the IAM team in performing risk assessments, ensuring these are conducted regular to identify and remediate any security gaps.
• Support the implementation of corrective actions in response to audit findings and risk reviews.

IAM Operations

• Oversee the day-to-day operations of the IAM team, including:
• Privileged access provisioning, modification, revocation, and review through PAM technology solution;
• Certification of basic and privileged access across the organisation, ensuring compliance with internal and external standards and requirements.
• Maintenance of RBAC and entitlement management frameworks.
• Maintenance of IAM procedural and controls documentation.
• Continuously evaluate and enhance IAM operations to improve efficiency, security, and user experience.
• Work closely with IAM Architecture and Engineering to orchestrate the implementation of automation and self-service capabilities to streamline access management workflows.

Collaboration and Communication

• Work closely with the Identity and Access Senior Architect to ensure alignment between operational processes and technical architecture.
• Collaborate with IT, compliance, and business stakeholders to address IAM-related issues and initiatives.
• Promote awareness and adherence to IAM policies, procedures, and best practices by ensuring these are communicated and disseminated across the firm.

Audit and Compliance

• Ensure that the IAM team provides an appropriate level of support for internal and external audits, so that any required documentation is prepared, and the team is able to demonstrate compliance with IAM controls.
• Engage with external parties and auditors where appropriate/necessary to address any queries or concerns.
• Ensure audit readiness by maintaining accurate records and implementing required improvements.

Team Leadership and Management

• Lead and manage a team of Identity and Access Managers and Analysts, providing coaching, performance management, and professional development.
• Delegate tasks effectively to ensure efficient and timely delivery of IAM services.

What you will have

• Extensive experience in a relevant IT or information security role, with significant experience in an IAM-relevant leadership or operational management role.
• At least one relevant, industry-recognised professional certification, such as CISSP, CISM, or CISA.
• Proven track record of leading and managing IAM teams in a complex enterprise environment.
• Extensive experience in Identity and Access Management, with a strong focus on operational delivery, including hands-on experience with IAM tools and platforms (e.g., Microsoft Entra ID, CyberArk).
• Deep understanding of IAM principles, processes, and technologies, including user access provisioning, role-based access control (RBAC), and privileged access management (PAM).
• Experience in defining and implementing IAM controls and governance frameworks.
• Strong knowledge of risk management and compliance standards relevant to IAM (e.g., ISO 27001, NIST).
• Strong written and verbal communication, interpersonal, and leadership skills with the ability to collaborate with colleagues across the business and with external parties.
• Experience supporting audit and compliance activities related to IAM.

You will stand out if you bring

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Prior experience working in professional services, preferably within the legal sector.
• Familiarity with automation and scripting languages (e.g., PowerShell, Python).
• Experience with cloud-based IAM solutions and hybrid environments.
• Background in project management or experience leading IAM-related initiatives.
• Experience in developing and delivering IAM training and awareness programmes.

What we can offer you

We recognise that our people are our most valuable asset, which is reflected in the wide range of benefits that are available to our employees. Some of these benefits include: our occupational pension scheme, group income protection cover, private medical insurance, mental health resources and free apps, health and wellbeing services encompassing GP service, emergency back-up care support, parental and special leave, holiday entitlement increasing with length of service, holiday trading, online discounts and lifestyle management services.

Should you require additional support at any stage of the recruitment process due to a disability or a health condition, please do not hesitate to contact a member of our recruitment team who will work with you to provide any adjustments as required.

We are an equal opportunities recruiter and do not discriminate on the basis of race, colour, sex, religion, sexual orientation, national origin, disability, or any other protected characteristic.

If this role is not of interest we may have another suitable opportunity here for you at A&O Shearman! Visit our careers portal at A&O Shearman Careers and submit your CV to our Talent Network to be notified when the perfect opportunity becomes available.