Job Description
As a Cyber Security IAM Architect for our Client, your role will include the following remit:
· Lead the Identity and Access Management architecture domain.
· Define the IAM strategy, the reference/target Architecture, blueprint for your domain in close collaboration with your stakeholders (IDAM, GTS, GBS, Security Architecture and Enterprise Architecture).
· Design the architecture principles, tools, patterns, building blocks and contribute to IAM policies, standards and solutions.
· Advise on solution designs, implementation, and processes required to protect information system assets in line with the IAM and IT strategy.
· Provide guidance and act as a facilitator to ensure security standard and best practices are applied consistently and in a meaningful way across all divisions and the group.
· Share experience and vision to build security awareness with business stakeholders, business/application/solution architecture, IT and operational teams. Become the go-to person for the IAM domain.
· Collect feedback from stakeholders, detect unaddressed security IAM needs and identify opportunities for improvements or new architecture services.
· Translate the business requirements, risk assessments, high-level policies, and controls into security architecture requirements and designs for existing or new IAM capabilities, services and projects on business and IT side.
· Participate in discussions on IAM subjects, operational process design and implementation of security controls into project delivery.
· Recommend and advise on new or improved security IAM capabilities towards senior CISO and IT management.
· Produce documented security services, technical standards or principles.
· Act as a security subject matter expert within your domain.
· Additional knowledge on other domains will be used to assist other Cyber Security Domain Architects covering other security domains (for example Data Centre & Physical Security, Data Security, PKI and Cryptography, Network security, platform security, Application Security, secure coding, End Point Security etc.)
· Your stakeholders are mainly Tribe Leads, Product Owners, Project Leaders, Enterprise Architects, risk management, internal/external Auditors and IT engineers, Developers and Solution Designers.
Profile
You have experience in the following areas:
· Proven experience in Identity and Access Management architecture, security architecture, security governance, risk assessments, design and management reporting.
· Deep knowledge of the IAM and CIAM framework and industry best practice, Identity Governance, Logical and Privileged Access Management, Role Modelling, Access Recertification, and authentication mechanisms.
· Familiar with market leader’s products CyberArk, SailPoint, Microsoft Azure AD, Microsoft AD, Beyond Trust, One Identity and its implementation in a strong regulated and complex environment.
Knowledge and experience with security technologies, identity management platforms, secure access management and federation, IDAAS (Identity as a service), Single Sign On, SAML, Opend ID Connect, OAUTH, multi-factor authentication, PKI and cryptographic solutions, web application firewalls, automated code review tools, Cloud SAAS solutions
Experience
You have:
· Solid experience as a cyber security professional within a security architecture covering Identity and Access Management domain.
· +10 years cyber security professional experience with at least 5 years in domain or enterprise architecture experience
· Ability to articulate a mid/long term vision for the evolution of security technologies and services.
· Exposure of working in multiple companies/cross industries. Worked in financial or highly regulated industries.
· Professional certifications such as TOGAF, SABSA or IAF architecture frameworks. CISSP, GIAC, CISM, ISO 27001 LA/LI or specific security product certifications are an asset.
· Experience translating business requirements into technical solutions.
· Good working knowledge of documentation and presentation applications including PowerPoint, Visio, Excel, and Word.
· University degree in Computer Science, Engineering or similar degree.
· Fluent in English mandatory.
Soft skills
· You are well organized and have good planning and timing management skills.
· You can research, analyse, and solve complex problems.
· You can exercise initiative and use good judgment to make sound decisions.
· You are autonomous and independent, yet know when to make use of your colleagues’ knowledge and know when to report and share relevant information to a targeted audience.
· You have the skill to maintain accuracy, attention to details and meet deadlines.
· You can present findings, conclusions, alternatives, and recommendation clearly and concisely.
· You operate within an international/multi-cultural, networked environment.
· You are a team player who communicates in an open minded, respectful, and constructive way with customers and peers, both verbally and in writing.
· You have strong communication skill, able to discuss, defend and translate complex security topics with both senior IT or business Management and with deep technical IT experts.
· You can handle different projects and cope with pressure and stressful situations.
· You take ownership and ensure that organizational quality standards are met.
· You are customer and service-oriented.
