[Hiring] Lead, Identity & Access Management @Commvault

Role Description

As the IAM Lead at Commvault, you will help shape and advance the strategy, architecture, and hands-on execution of Identity & Access Management across our cloud, SaaS, and enterprise environments. This is a deeply technical role focused on strengthening authentication, authorization, and identity governance controls that protect our workforce, platforms, and customers.

A core focus of this role is ownership and advancement of our SailPoint identity governance platform. You will drive identity lifecycle automation, access certifications, role modeling, and entitlement governance to ensure controls scale effectively with business growth.

You will act as the senior technical lead for IAM—working closely with Engineering, Cloud, Infrastructure, HR, and Security teams to design and implement secure, scalable, and user-centered identity solutions. This is a hands-on individual contributor role with significant enterprise impact and no direct people management responsibilities.

What You’ll Do...

• Lead the evolution of Commvault’s IAM architecture across workforce, privileged, and service identities.
• Own and enhance SailPoint (Identity Governance & Administration), including lifecycle workflows (joiner/mover/leaver), automated provisioning, role modeling, access certifications, and entitlement governance.
• Ensure SailPoint integrations with HR systems, Active Directory / Entra ID, SaaS platforms, and cloud infrastructure are secure, resilient, and scalable.
• Establish and promote least-privilege access models, RBAC standards, and identity governance guardrails.
• Drive automation across identity lifecycle processes to reduce manual effort and improve control consistency.
• Partner with Cloud and Application teams to embed secure identity patterns into new platforms and services.
• Strengthen privileged access and service identity governance aligned with zero trust principles.
• Identify IAM risks, lead technical remediation efforts, and support security incident response when needed.
• Develop and track metrics related to identity risk, certification outcomes, provisioning efficiency, and control effectiveness.
• Support audit and compliance initiatives (SOC 2, ISO 27001, FedRAMP), with emphasis on governance maturity and evidence readiness.

Qualifications

• 7+ years of experience in IAM, identity governance, or security engineering.
• Strong foundation in IAM concepts: authentication, authorization, federation, SSO, MFA, RBAC/ABAC, and least privilege.
• Hands-on experience with SailPoint (IdentityIQ or IdentityNow), including lifecycle workflows, certifications, provisioning integrations, and role design.
• Solid understanding of integrations between identity governance platforms, HR systems, directories, SaaS applications, and cloud providers.
• Experience with enterprise identity platforms such as Entra ID (Azure AD), Active Directory, or AWS IAM.
• Working knowledge of privileged access management (PAM) and governance of non-human/service identities.
• Comfortable acting as a senior technical voice and influencing stakeholders across engineering and security teams.
• Practical, solution-oriented mindset that balances security, usability, automation, and scalability.

Nice to Have

• Experience modernizing or scaling an enterprise IGA program.
• Familiarity with SailPoint customization, workflows, connectors, or rule configuration.
• Experience integrating IAM and IGA controls into CI/CD pipelines and cloud-native workloads.
• Background in zero trust architecture and identity-centric security models.
• Security or identity certifications (CISSP, CISM, CCSP, SailPoint certifications).
• Experience supporting external audits and regulatory assessments.

Benefits

• Continuous professional development, product training, and career pathing.
• An inclusive company culture, opportunity to join our Employee Groups.
• Generous benefits supporting your health, financial security, and work-life balance.
• Employee stock purchase plan (ESPP).