Manager - Identity & Access Management (IAM) Service Owner

Davies

Experience: 3+ yrs
Location: Pune, Maharashtra, India
Job type: Full-time

Required skills

Active Directory
Microsoft Entra ID
PKI
Certificate management
MFA
SSO

About the role

The Manager Identity & Access Management (IAM) Service Owner is responsible for governing, operating, and continuously improving the organisation’s identity and access services across on‑premises and cloud environments. This role ensures that users, systems, and applications have the right access at the right time, following the principles of least privilege, zero trust, and regulatory compliance. With ownership of Active Directory (AD), Microsoft Entra ID (Azure AD), and Certificate Management, the Access Management Lead plays a critical role in safeguarding the organisation’s digital identity ecosystem. They oversee identity lifecycle processes, privileged access controls, authentication standards, and certificate‑based security, ensuring that access services remain secure, reliable, and aligned with business needs. Reporting into senior IT leadership or the Security/Infrastructure function, this role collaborates closely with Security, Service Desk, Network, and Application teams to maintain strong access governance, support audits, and drive continuous improvement. The successful candidate combines technical depth with service ownership discipline, ensuring that identity and access services underpin a secure and seamless user experience.

Key Responsibilities

Oversee the health, performance, and security of on‑premises AD environments.
Govern domain controllers, group policies, OU structure, and replication.
Ensure AD configuration aligns with best practices, zero‑trust principles, and audit requirements.
Manage privileged access within AD, including tiering models and admin roles.
Govern identity lifecycle processes in Entra ID, including provisioning, deprovisioning, and role assignments.
Manage conditional access policies, MFA, SSO integrations, and identity protection features.
Oversee application registrations, enterprise apps, and federated identity configurations.
Ensure secure hybrid identity operations (Entra Connect, cloud sync, password hash sync).
Own joiner, mover, leaver (JML) processes and ensure timely, accurate access provisioning.
Govern privileged access across AD, Entra ID, and critical systems.
Work with Security to enforce least‑privilege, role‑based access control (RBAC), and zero‑trust principles.
Ensure access reviews, recertifications, and segregation‑of‑duties controls are executed.
Own the organisation’s certificate lifecycle management, including issuance, renewal, and revocation.
Manage internal PKI infrastructure, certificate authorities, and related policies.
Ensure certificates for servers, applications, devices, and users are maintained and compliant.
Prevent outages by proactively monitoring certificate expiry and automating renewal processes.
Ensure identity and access services comply with internal policies, regulatory standards, and audit requirements.
Maintain audit‑ready documentation for AD, Entra ID, and PKI.
Support security teams with identity‑related investigations, vulnerability remediation, and risk management.
Partner with application owners to integrate systems with AD/Entra ID for authentication and SSO.
Track and report on identity service performance, access trends, and compliance metrics.
Identify opportunities to automate provisioning, improve user experience, and reduce access‑related incidents.
Drive continuous improvement initiatives across identity services, PKI, and authentication processes. Maintain accurate documentation for identity architecture, access workflows, and certificate processes.
Ensure runbooks, SOPs, and support guides are up to date and accessible to operational teams. Provide training and guidance to Service Desk and support teams on identity and access processes.

Skills, Knowledge and Expertise

Education

Bachelor’s degree in IT, Computer Science, Cybersecurity, or equivalent experience.
ITIL Foundation and relevant Microsoft identity/certificate training preferred.

Experience

3–5+ years in IAM, Directory Services, or Security Operations.
Strong hands‑on experience with Active Directory, Microsoft Entra ID, and certificate management/PKI.
Proven ability to manage identity lifecycle processes, privileged access, and audit requirements.

About Davies

Insurance claims management and legal professional services provider.

This page is fully interactive when JavaScript is enabled. Please enable JavaScript to apply or browse related roles.