Position Title:
Information Security Manager - Identity & Access Management
FLSA Status:
Exempt – Professional
Reports to:
Chief Information Security Officer
Summary of the Job:
The IAM Manager is responsible for the planning, building, delivery and support of the IAM program’s strategy. Will provide direction and guidance to the development, specifications and communications of the IAM application, architecture, provide in-depth technical consultation to the business units, and transform the IAM program from manual framework to a modernized, automated system.
Essential Functions:
- Support and oversee the daily operations of IAM services, regular auditing of access controls, and provide metrics for performance/compliance
- Provide a strong IAM program that balances access with compliance and confidentiality
- Identifies and evaluates complex business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement
- Identifies the broader impact of current decisions related to user access, data access, and information security
- Aligns IAM processes across the organization, develops and documents standards for organizational use, communicate program status with stakeholders
- Understands business and information technology management processes. Demonstrates advanced understanding of regulatory, business processes, internal control risk management, IT controls, and related standards
- Builds and nurtures positive working relationships with business units
Additional Functions:
- Participate in proactive team efforts to achieve departmental and company goals.
- Serve as a security model to others through example and sharing of knowledge/skill.
- Perform other duties as assigned.
Required Education/Experience:
- Bachelor's degree in computer science, information systems, cybersecurity, or related field; or, equivalence of 4 years of related working experience in identical or similar role, required.
- 5 years of experience in IAM technology implementation, including: 3 years in developing, implementing and architecting information systems, and 3 years technical architecture experience integrating identity management, access management and access governance software into clients’ infrastructure and applications
- One or more security certifications required (CISSP, CISA, CAMS, CIAM, CIGE, CISM)
- Identity management familiarity in the following areas: enterprise directory architecture and design, resource provisioning, single sign-on, privilege access management, identity and access governance, role-based access control, access request and certification, user life cycle management processes, and organizational change management.
- Experience with administrating authentication technologies, such as Microsoft Active Directory/Windows authentication, OpenLDAP, SAML, Kerberos, OpenID Connect, OAuth, and federated identity management; or administrating IAM technologies such as Saviynt IGA.
- Expert understanding of IAM concepts, including federation, authentication, authorization, access controls, access control attacks, identity and access provisioning life cycle.
Necessary Skills:
- Strong logical ability, problem solving ability, good oral and written communication skills, thorough, takes initiative, professional appearance/demeanor, dependable, flexible with schedule, loyal, organized, and courteous.
Physical Activity/Dexterity:
- Manual dexterity sufficient to reach/handle items and work with fingers. Works with fingers and perceives attributes of objects and materials.
Physical Environment Demands:
- Must be able to remain in a stationary position 90% of the time.
- The person in this position needs to occasionally move about inside the office to visit other offices, conference rooms, office machinery, etc.
- Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and telephone.
- Constantly positions self to operate on a computer.
- The person in this position frequently communicates with other people throughout each day. Must be able to exchange accurate information when conversing.
Working Conditions/Environment:
- Well-lighted, heated and/or air-conditioned indoor office setting with adequate ventilation.
- Moderate noise (e.g. business office with computers and printers, light traffic).
Work Schedule/Hours:
- Monday through Friday; 8:00 a.m. – 5:00 p.m.
- Available for extra hours as needed.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)