VP Identity and Access Management

FactSet’s Information Security team is responsible for implementation of all security technologies across the Technology organization. The team is responsible for implementing security technologies to support the defense in depth architecture to secure FactSet’s systems, data and platforms

The Senior Vice President (SVP), Identity and Access Management (IAM) serves as the senior leader responsible for developing, executing, and overseeing the global strategy for Identity and Access Management across the enterprise. This role leads a multi-disciplinary team, provides strategic direction for policies, processes, and technologies, and serves as the foremost authority on secure access to digital assets. The SVP partners with business and technology stakeholders to ensure robust protection of data, systems, and applications, enabling secure business growth and regulatory compliance.

The successful candidate will work with IT, product management, software engineering teams to seamlessly deploy identity solutions to securely enable business processes and innovation. This includes promoting cross-functional collaboration, managing the lifecycle of human and non-human identities, and ensuring compliance and risk management within security technology portfolio. This position will report directly to the Chief Information Security Officer (CISO).

Key Responsibilities

• Strategic Leadership:
  • Define and implement a comprehensive IAM strategy aligned with organizational goals, risk appetite, and regulatory requirements.
  • Lead, mentor, and grow a high-performing global team spanning architecture, engineering, and operations for IAM.
  • Collaborate with senior executives, business units, and IT leaders to drive IAM improvements.
• Operational Excellence:
  • Oversee day-to-day operations for user provisioning, role-based access, identity federation, privileged access management, and authentication solutions.
  • Ensure scalability, reliability, and performance of IAM technologies and services.
  • Direct incident response and remediation for identity-related security breaches.
• Technical Direction:
  • Architect and guide the adoption of modern IAM technologies, including identity as a service (IDaaS), single sign-on (SSO), multi-factor authentication (MFA), and Zero Trust principles.
  • Lead vendor management, product evaluation, and tool selection for IAM platforms.
  • Ensure IAM integrations with cloud, on-prem, and hybrid systems.
• Governance & Compliance:
  • Develop and enforce IAM policies, standards, and procedures to meet regulatory requirements (e.g., SOX, PCI, HIPAA, GDPR).
  • Drive audit readiness and respond to internal and external compliance assessments.
  • Report IAM metrics, trends, and risks to executive management and the board.
• Innovation:
  • Monitor industry trends and emerging threats to proactively evolve the IAM landscape.
  • Advocate for continuous improvement and adoption of automation in the IAM lifecycle.

Qualifications:

• Bachelor’s or master’s degree in computer science, Information Security, or related discipline.
• 20+ years’ experience in information security leading, managing & developing high performance global teams, with 15+ years in IAM lead roles.
• Experienced leader who can energize the team and support the peers. Demonstrated ability to hire, train, coach, mentor and retain talent to build a cohesive, high performing global team.

Leadership Requirements

• Executive presence with proven ability to influence at technical leadership and C-suite levels.
• Track record of leading large, diverse teams (including matrixed/global environments).
• Superior communication skills; ability to distill complex technical concepts for varied audiences.
• Strong program/project management skills; experience in budgeting and resource planning.
• Commitment to fostering a culture of security, collaboration, and innovation.
• Ability to convert strategy to action by making incremental progress in the face of ambiguity and imperfect knowledge and avoiding analysis paralysis.
• Excellent interpersonal skills, with the ability to collaborate effectively across functions and levels. 
• Assess and present infrastructure security risk, solutions and tradeoffs to technology leadership to enable risk-based decision making.

Technical Requirements

• Deep expertise in IAM domains: user lifecycle management, directory services (Active Directory, LDAP), federated identity (SAML, OAuth, OpenID Connect), PAM, SSO, MFA, certificate management, and biometrics.
• Experience with modern IAM platforms (e.g., Okta, Ping, ForgeRock, SailPoint, CyberArk, Azure AD, AWS IAM).
• Advanced understanding of cloud identity architectures and Zero Trust frameworks.
• Demonstrated knowledge of regulatory frameworks and security standards (e.g., NIST, ISO 27001).
• Hands-on experience with IAM integration for SaaS, IaaS, PaaS, and on-premises solutions.
• Experience overseeing complicated, technical programs at global scale and has familiarity with project & product management methodologies and best practices.
• Breadth of security experience across various infrastructure deployment models (cloud, hybrid and on-prem) and cloud security architectures (AWS, Azure, GCP) and zero – trust architecture.
• Experience in evaluating and implementing next generation cybersecurity technologies, such as Agentic AI, AI- Driven detection and response, MCP etc.
• Strong knowledge cybersecurity frameworks, compliance standards and risk management frameworks (i.e. NIST 2.0, ISO 27001, GDPR, DORA, SOC2 and SOX).
• CISSP, CCSP, SANS GIAC, or similar professional certification(s) a plus.