Why UKG:
At UKG, the work you do matters. The code you ship, the decisions you make, and the care you show a customer all add up to real impact. Today, tens of millions of workers start and end their days with our workforce operating platform. Helping people get paid, grow in their careers, and shape the future of their industries. That’s what we do.
We never stop learning. We never stop challenging the norm. We push for better, and we celebrate the wins along the way. Here, you’ll get flexibility that’s real, benefits you can count on, and a team that succeeds together. Because at UKG, your work matters—and so do you.
UKG is seeking a Senior Director of Identity & Access Management (IAM) to lead and evolve our identity security strategy across enterprise and customer-facing platforms. This role is critical in ensuring secure, seamless, and scalable identity experiences for employees, customers, and partners across UKG’s SaaS ecosystem.
You will oversee IAM, PAM, PKI, Active Directory (AD), and SSO/federation services, while driving a modern, cloud-first identity architecture aligned with Zero Trust principles. This leader will bring strong engineering depth, enabling identity as a platform, and a proven ability to build and scale high-performing global teams.
Key Responsibilities:
- Lead a global IAM Engineering & Operations organization.
- Drive operational excellence, platform reliability, and service maturity.
- Lead identity governance across both human and non-human (machine) identities.
- Partner with audit, risk, and compliance organizations to support regulatory and governance initiatives.
- Build and develop high-performing engineering leaders and teams.
Strategy & Product-Aligned Leadership
- Define and execute a cloud-first IAM strategy supporting UKG’s SaaS products and internal enterprise systems
- Partner with Product Engineering, Security, and Platform teams to embed identity into the software development lifecycle
- Champion identity as a core platform capability, enabling secure and frictionless user experiences
- Align IAM initiatives with customer trust, compliance, and uptime expectations in a SaaS environment
Team Building & Engineering Culture
- Build, scale, and lead global IAM engineering, platform, and operations teams
- Foster a product and platform mindset within IAM (API-first, reusable services, developer enablement)
- Drive a culture of automation, reliability engineering (SRE principles), and continuous delivery
- Develop leadership bench strength and succession pipelines
IAM Platform Engineering & Development
- Lead development of scalable IAM services, APIs, and identity orchestration workflows
- Oversee integrations with customer-facing applications, SaaS platforms, and internal systems
- Enable CIAM (Customer Identity & Access Management) capabilities where applicable
- Promote DevSecOps practices, infrastructure-as-code, and automation in identity provisioning and governance
Access Governance & Compliance
- Implement scalable identity lifecycle management and access governance across a distributed workforce
- Mature RBAC/ABAC models and access certification processes
- Ensure alignment with SOC 1, SOC 2, ISO 27001, GDPR, and other relevant compliance standards
Privileged Access Management (PAM)
- Lead PAM strategy to secure privileged access across cloud and production environments
- Implement just-in-time (JIT) access, session monitoring, and credential vaulting
- Reduce attack surface and enforce least privilege at scale
PKI & Cryptographic Services
- Oversee PKI and certificate lifecycle management supporting secure communications and services
- Enable machine identity management and certificate-based authentication across cloud workloads
- Support encryption and key management strategies aligned with SaaS security requirements
Active Directory & Cloud Identity
- Lead modernization of Active Directory (hybrid) and Azure AD / Entra ID environments
- Drive transition toward cloud-native identity and directory services
- Ensure high availability, resilience, and security of identity infrastructure
Security & Risk Management
- Embed IAM within UKG’s Zero Trust architecture
- Proactively identify and mitigate identity-based threats and vulnerabilities
- Support audits, incident response, and continuous compliance efforts
Required Qualifications:
- Experience leading IAM organizations within highly regulated industries (financial services experience preferred).
- Experience supporting regulatory audits, compliance programs, and governance initiatives.
- Experience managing both IAM engineering and IAM operations functions.
- Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field
- 12+ years of experience in IAM, security, or platform engineering, with 5+ years in senior leadership roles
- Strong software engineering background (Java, Python, .NET, or similar) with hands-on IAM solution development
- Proven success building and scaling global engineering teams in a SaaS or product organization
- Deep expertise in: IAM platforms (SailPoint, Saviynt, Okta, Ping, etc.), PAM solutions (CyberArk, BeyondTrust, etc.), Active Directory & Azure AD / Entra ID, SSO & federation protocols (SAML, OAuth, OIDC), PKI and machine identity management
- Experience supporting high-scale, highly available SaaS environments
Preferred Qualifications
- Industry certifications (CISSP, CISM, etc.)
- Experience with cloud platforms (Azure preferred) and microservices architecture
- Familiarity with SRE practices, observability, and reliability engineering
Key Competencies
- Strong platform and product mindset (not just IT operations)
- Ability to balance security, scalability, and customer experience
- Executive-level communication and stakeholder alignment
- Deep technical credibility with engineering teams
- Data-driven, outcome-oriented leadership
Company Overview:
UKG is the Workforce Operating Platform that puts workforce understanding to work. With the world's largest collection of workforce insights, and people-first AI, our ability to reveal unseen ways to build trust, amplify productivity, and empower talent, is unmatched. It's this expertise that equips our customers with the intelligence to solve any challenge in any industry — because great organizations know their workforce is their competitive edge. Learn more at ukg.com.
Equal Opportunity Employer
UKG is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, disability, religion, sex, age, national origin, veteran status, genetic information, and other legally protected categories.
View The EEO Know Your Rights poster
UKG participates in E-Verify.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Disability Accommodation in the Application and Interview Process
For individuals with disabilities that need additional assistance at any point in the application and interview process, please email [email protected].
The pay range for this position is $$207,400 to $298,100. The actual base pay offered may vary depending on skills, experience, job-related knowledge and work location. In addition to base pay, employees may be eligible to participate in a performance-based bonus plan and to receive restricted stock unit awards as part of total compensation. Learn more about UKG’s benefits and rewards at https://www.ukg.com/about-us/careers/benefits
