IAM Solution Design and Implementation:
- Design, implement, and maintain scalable IAM solutions that meet the organization's security requirements.
- Develop and enforce access control policies, ensuring the confidentiality, integrity, and availability of sensitive information.
- Identity Lifecycle Management:
- Manage the end-to-end lifecycle of user identities, including provisioning, de-provisioning, and role-based access control.
- Implement and maintain automated workflows for identity and access requests.
- Authentication and Authorization:
- Configure and manage authentication mechanisms, such as multi-factor authentication (MFA), single sign-on (SSO), and adaptive authentication.
- Define and enforce authorization policies based on the principle of least privilege.
- Integration and Collaboration:
- Collaborate with cross-functional teams to integrate IAM solutions with other security and IT systems.
- Work closely with application developers and teams to ensure seamless integration of IAM controls within applications.
- Security Compliance and Auditing:
- Conduct regular access reviews and audits to ensure compliance with security policies and regulatory requirements.
- Provide documentation and reports for internal and external audits related to IAM controls.
- Incident Response and Troubleshooting:
- Participate in incident response activities related to identity and access management.
- Troubleshoot and resolve IAM-related issues in a timely manner.
- Emerging Technology Evaluation:
- Stay informed about industry trends and emerging technologies in IAM.
- Evaluate and recommend new tools and technologies to enhance IAM capabilities.
QUALIFICATIONS
Knowledge and Skills
- Translate security-related matters into business terms that are clear and understandable to executives.
- Able to navigate a demanding, high-pressure environment and deliver under tight deadlines.
- Think strategically and incorporate business needs into technical roadmaps.
Personal Characteristics
- Is a confident, energetic self-starter, with strong interpersonal skills.
- Self-motivated and possessing of a high sense of urgency and personal integrity.
- Excellent communication and collaboration skills.
- Strong analytical and problem-solving skills.
- Good organizational skills and attention to detail.
- Ability to work independently and in a team environment.
- Highest ethical standards and values.
- Has a continuous improvement mindset.
Professional education and experience:
- Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CISSP, CISM, IAM certifications) are a plus.
- 6+ years of Identity and Access Management. Proven experience as an IAM Engineer or in a similar role.
- In-depth knowledge of IAM principles, technologies, and best practices.
- Strong understanding of identity protocols such as OAuth, SAML, and OpenID Connect.
- Experience with IAM tools and platforms (e.g., Azure AD, Okta, Oracle, or Ping Identity).
- Experience with Identity Governance (IGA) best practices and technologies (e.g. Oracle, SailPoint, Saviynt) with at least one prior implementation.
- Familiarity with cloud-based IAM solutions and integration with cloud platforms.
- Proficient in designing and implementing privileged access management solutions to secure and monitor privileged accounts and activities. Experience with Privileged Access Management solutions such as Delinea (Thycotic/Centrify), Beyond Trust, CyberArk.
- Knowledge and understanding of legal and regulatory requirements, such as: Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry/Data Security Standard, GDPR, and PIPL.
- Knowledge of information security risk management frameworks and compliance practices, including ISO 27001, SOC2 Type 2, and NIST 800-30.
- Experience deploying passwordless authentication is a plus.
- Knowledge of Customer IAM is preferred.
- Oracle EBS experience and Oracle cloud experience preferred.