Manager of Identity and Access Management ("IAM")

Cooley is seeking a Manager of Identity & Access Management to join the Security team.

Position summary: Cooley Technology embraces a culture of customer service excellence, and all members of the department are expected to move this agenda forward. To that end the Manager of Identity and Access Management ("IAM") leads the firm's identity and access management program, providing strategic direction and operational oversight across identity platforms and access controls. This role is accountable for Microsoft Entra ID (Azure AD), Active Directory, Privileged Access Management, Identity Governance, Cloud Identity ("AWS"), and Certificate Lifecycle Management. IAM Management ensures secure, compliant, and efficient access to firm systems, applications, and data by managing user identities, authentication, authorization, and lifecycle processes. This role partners closely with Cyber Security, Technology, HR, and business stakeholders to reduce risk, support regulatory and audit requirements, and enable business operations. This hands-on leadership role will provide both strategic direction and day-to-day operational management. Specific duties and responsibilities include, but are not limited to, the following:

Position responsibilities:

• Lead the firm's Identity and Access (IAM) program, defining strategy, multi-year roadmap, and operating model across workforce, privileged, cloud, and directory identities
• Provider overall ownership of IAM risk, governance, and control effectiveness, ensuring access to systems and data is secure, compliant, and auditable
• Act as the primary IAM authority and escalation point, partnering with Cybersecurity, Technology, HR, and business stakeholders to enable access while reducing security and operational risk
• Oversee Microsoft Entra ID (Azure AD) and on-prem Active Directory, including identity lifecycle management, authentication and authorization models, directory hygiene, and enterprise account management processes
• Lead the Privileged Access Management ("PAM") program, including privileged account onboarding, credential vaulting and rotation, access approvals, break-glass procedures, and ongoing governance aligned to least privileged principles
• Establish and operate identity governance processes, including joiner/mover/leaver workflows, access requests, periodic access reviews, exception handling, and remediation tracking
• Define and enforce authentication standards including MFA strategy, coverage, exceptions, and conditional access controls, across workforce and privileged identities
• Define and govern cloud identity practices, with a focus on Entra ID and AWS IAM roles, policies, federation patterns, and secure access models for human and workload identities
• Own certificate lifecycle management, including inventory, ownership assignment, issuance standards, renewals, revocation, and automation to prevent outages and reduce cryptographic risk
• Establish IAM operational cadence and metrics, including intake and prioritization, change coordination, incident support, KPI reporting, and continuous process improvement
• Manage IAM vendors, tooling, documentation, and runbooks, ensuring solutions remain effective, scalable, and aligned with firm standards and evolving security needs
• Ensure high availability and resilience of IAM services to support 24/7 global legal operations
• Serve as direct supervisor and mentor to direct reports
• Provide day-to-day supervision of direct reports, ensure compliance with assigned work hours and monitor for compliance with all firm and department policies. Manage staffing coverage, review and process time logs/time off requests
• Support business professional development and continued educational opportunities
• In collaboration with immediate supervisor and central HR, participate in hiring, performance appraisals, counseling, termination and other employee lifecycle events
• All other duties as assigned or required

Skills and experience:

Required:

• After orientation at Cooley LLP, exhibit proficiency in the Microsoft Office suite, iManage and other firm applications
• Ability to work extended and/or weekend hours, as required
• Ability to travel, as required
• 5+ years applicable experience in the field (e.g., in Identity and Access Management (IAM), cybersecurity or related technical disciplines, with progressive responsibility across identity platforms and access controls). Senior candidates must have 7+ years experience.
• Experience leading IAM programs, including setting priorities, managing delivery, and partnering across security, technology and business functions
• Demonstrated experience defining and executing IAM strategies and roadmaps, translating risk and regulatory requirements into scalable identity solutions
• Strong working knowledge of authentication and authorization models, including MFA strategy, conditional access controls, exception management, and legacy authentication risk reduction
• Hands-on experience with Entra ID (Azure AD) and on-prem Active Directory, including identity lifecycle management, group/role design, and enterprise account administration
• Experience leading or operating Privileged Access Management (PAM) programs, including privileged account governance, credential protection, and remediation tracking
• Experience with cloud identity, including roles, policies, federation patterns, and secure access for human and workload identities

Preferred:

• Bachelor's degree
• Supervisory experience
• Solid understanding of identity governance concepts such as joiner/mover/leaver processes, access request workflows, access certifications, and remediation tracking
• Experience building or maturing IAM functions and/or technologies
• Familiarity with IAM automation and integrations (HR systems, ITSM systems, CI/CD pipelines, or IaC)
• Experience supporting regulatory, audit, or compliance programs (e.g., ISO 27001, NIST-aligned controls)
• Experience managing IAM vendors, contracts, and third-party integrations
• Relevant certifications such as CISSP, CISM, CIAM, Azure, AWS, or other IAM-focused certifications
• Experience in a law firm or legal services organization
• Experience supporting urgent, high-risk legal workflows without service disruption

Competencies:

• Demonstrate leadership, accountability, and ownership of outcomes
• Thinks strategically and prioritizes work aligned to business and security goals
• Exercise sound judgement when balancing security risk, compliance, and business needs
• Build strong partnerships and influence stakeholders across technical and non-technical teams
• Communicate clearly with stakeholders at all levels, including leadership and auditors
• Ability to adapt effectively to change and drives continuous improvement
• Strong interpersonal skills and problem-solving skills
• Ability to communicate complex IAM concepts clearly to non-technical stakeholders, auditors, and senior leadership
• Entrepreneurial by nature
• Excellent attention to detail
• Ability to organize, prioritize and coordinate multiple activities often under tight timelines
• Ability to drive projects to completion and achieve goals
• Strong judgment
• Team-player with collaborative spirit
• Unwavering ability to handle and maintain confidentiality regarding firm information, projects,
• client data
• High level of professionalism at all times
• Demonstrated ability to lead through influence and develop talent
• Proactive, analytical mindset
• Effective presentation skills

Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices.

EOE.

The expected annual pay range for this position with a full-time schedule is $155,000 - $225,000. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate.

We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and/or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and/or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off ("PTO") and 10 paid holidays each year. We provide generous parental leave and fertility benefits. New employees will attend a detailed benefit orientation to learn more about our many benefits and resources.