Requisition Number: 2022-12-01640-0160-001
Job Title: Manager, Identity & Access Management
City: New York
State: NY
Shift: Monday-Friday; 9:30 AM-5:30 PM
Hours: 35

Simpson Thacher & Bartlett LLP is one of the world’s leading international law firms. The Firm was established in 1884 and has more than 1,000 lawyers. Headquartered in New York with offices in Beijing, Brussels, Hong Kong, Houston, London, Los Angeles, Palo Alto, São Paulo, Tokyo and Washington, D.C., the Firm provides coordinated legal advice and transactional capability to clients around the globe. Cross-border finance, banking and bank regulation, mergers and acquisitions, securities issuance and regulation, project and asset based finance, real estate, asset management, joint ventures, taxation, litigation and dispute resolution are important aspects of the Firm’s practice.

Manager, Identity & Access Management

Apply Now

Description/Job Summary

The Manager, Identity and Access Management (IAM Lead), in conjunction with the Head of Global Infrastructure, is responsible for the planning, building, delivery and support of the IAM program. The IAM Lead will manage the development of the IAM application and architecture, as well as provide in-depth technical consultation to the business units and IT management and assist in developing plans for the integration of information security requirements.


  • Fosters an understanding of the IAM system and facilitates decision making with the business users
  • Designs and implements products and services to provide a strong IAM program that balances access with compliance and confidentiality
  • Identifies and evaluates complex business and technology risks, internal controls that mitigate risks and opportunities for internal control improvement
  • Identifies the broader impact of  decisions related to user access, data access and information security
  • Aligns IAM processes across the organization, and develops and documents standards for organizational use
  • Co-leads an IAM selection process, evaluates existing and emerging technologies and tools for the business units
  • Demonstrates advanced understanding of business processes, internal control risk management, IT controls and related standards
  • Provides an expert understanding of web security standards, architecture, web security best practices and application security best practices
  • Administers authentication technologies, such as Microsoft Active Directory/Windows authentication, OpenLDAP, Shibboleth, SimpleSAMLphp, Kerberos, OpenID Connect, OAuth and federated identity management

Required Skills

  • 5+ years of experience in technology implementation, including: 3+ years in developing, implementing and architecting information systems and 3+ years technical architecture experience integrating identity management, access management and access governance software into clients’ infrastructure and applications
  • Identity management familiarity in one or more of the following areas;
    • single sign-on (SSO), data management, identity federation, enterprise directory architecture and design, including directory schema, directory services, namespace and replication topology experience, resource provisioning, ITIL and process integration
    • Identity and access governance including role-based access control, access request and certification, user life cycle management processes and organizational change management
    • Has experience managing Linux servers, including Apache and configuration management with Salt, Ansible, Chef or Puppet.
  • Familiarity with Ruby, Python, PHP, PowerShell, SQL and/or shell scripting
  • Ability to build, lead and manage a team independently
  • Knowledge of agile development techniques and secure software development life cycle
  • Ability to translate security-related matters into business terms that are clear and understandable  and incorporate business needs into technical roadmaps
  • Thinks outside the box when designing systems and solutions, strong problem-solving and trouble-shooting skills
  • Ability to interface with stakeholders at all levels and roles in the company
  • Has good judgment, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity

Preferred Skills

  • Certification in one or more public cloud platforms, such as AWS, Azure Cloud or Google Cloud
  • Certification in Information Assurance Management, Certified Information Systems Security Professional, and/or Certified Information Security Manager

Required Education

Bachelor’s degree or equivalent years of industry experience required


Salary Information

The estimated base salary range for this position is $150k to $190k at the time of posting. The actual salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job. This role is exempt meaning it is not overtime pay eligible.

Apply Now

Simpson Thacher & Bartlett is committed to a collegial work environment in which all individuals are treated with respect and dignity. The Firm prohibits discrimination or harassment based upon race, color, religion, gender, age, national origin, citizenship status, disability, marital or partnership status, sexual orientation, protected veteran’s status or any other legally protected status. “Gender” includes actual or perceived sex, a person’s gender identity, self-image, appearance, behavior or expression, whether or not that gender identity, self-image, appearance, behavior or expression is different from that traditionally associated with the legal sex assigned to that person at birth. This Policy pertains to every aspect of an individual’s relationship with the Firm, including but not limited to recruitment, hiring, compensation, benefits, training and development, promotion, transfer, discipline, termination, and all other privileges, terms and conditions of employment.