Senior Director, Identity Governance

Position Overview

Hearst Technology is seeking an experienced, strategic and hands-on Sr.

Director of Identity Governance to lead and operate the enterprise identity program across the Hearst Corporation.

This is a senior leadership role for a deep practitioner of identity governance - someone who understands not just the tools, but the underlying principles that make an identity program effective at enterprise scale: how access should be modeled, how it should be granted and revoked, how it should be certified, and how governance policy translates into real controls that reduce risk.

The Senior.

Director will own the full identity lifecycle across a complex, multi-brand enterprise supporting over 25,000 user accounts across 360+ global businesses.

This includes identity governance and administration (IGA), identity provider (IdP) and single sign-on (SSO) platforms, privileged access management (PAM), secrets management, and the Microsoft Active Directory and Entra ID environments that underpin them all.

Operating as a platform-as-a-service model, this role delivers identity services to internal Hearst business divisions.

The Sr.

Director will architect, design and oversee the engineering of enterprise identity solutions; manage a team of 5-9 identity professionals; and drive vendor relationships, licensing strategy and IT cost optimization across the identity portfolio.

Responsibilities
Identity Governance & Administration


* Co-author enterprise IAM policies and standards in partnership with Information Security, Risk and Compliance, providing clear guidance and guardrails for all Hearst business units on identity, access and directory practices.


* Lead the design and operation of access certification programs, ensuring timely, risk-appropriate review of entitlements across applications, infrastructure and privileged systems.


* Architect and mature the enterprise role model, including role-based access control (RBAC) design, role mining, role lifecycle management and separation of duties (SoD) frameworks.


* Drive the joiner/mover/leaver (JML) lifecycle program, ensuring identity provisioning and deprovisioning is accurate, automated where possible, and tightly integrated with HR systems of record.


* Establish and enforce least-privilege principles across the enterprise, with a structured approach to identifying and remediating access sprawl, orphaned accounts and over-privileged roles.


* Participate in and support audit activities conducted by internal audit, external auditors and regulatory bodies, providing documentation, walkthroughs and remediation support as required.


* Partner with the Information Security, Risk and Compliance teams to ensure identity governance controls satisfy SOX, HIPAA and PCI DSS requirements, and support audit activities with documentation, walkthroughs and evidence.

Strategic Leadership & Program Ownership


* Define and execute the multi-year strategy for Hearst's enterp...