Manager Information Security - Identity and Access Management (IAM) - Full-time / Part-time

POSITION PURPOSE –

The Manager, Identity and Access Management (IAM) is responsible for defining the IAM strategy and structure and implementing appropriate oversight and controls to ensure compliance with IAM operational process and procedures and defined regulatory standards. This person is responsible for the following:

* Governs the identity lifecycle processes around roles/rules, monitoring access control processes to ensure they are effective, efficient and in compliance with standards and control objectives
* Develops IAM standards and controls and implements procedures to ensure defined standards and controls are operating effectively
* Manages and implements procedures to control information workflow for the addition, modification, and removal of user access across in-scope platforms and applications
* Provides advisory and consultation to system development projects around IAM requirements/controls
* Implements role management for both external and internal application needs, providing multiple methods for the management of roles
* Analyzes and resolves complex authentication, integration, and automation issues.
* Provides guidance on integrating the identity management authentication and authorization framework into new and existing applications
* Establishes an automated process for full user lifecycle provisioning to company systems (requesting, approving, implementing and auditing user access), ensuring new process will comply with regulatory standards including PCI and SOX.
* Implements procedures and controls to ensure password settings are in compliance with IT Security Standards

MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES –

• Builds relationship with key user and store operation groups to identify and resolve business issues.
• Manages and provides technical and business direction that affects capacity planning, new applications, data security, and LAN systems, among others.
• Manages and tracks the progress of multiple projects. Project management and administration that include work plans, projtrac, resource planning and control, writing status reports, and preparing annual budgets. Conduct regular project reviews.
• Resolves information services problems by analyzing issues, discerning the most appropriate courses of action, providing tactical direction and, when necessary, reallocating resources.
• Provides operations analysis and consults to internal clients on business process improvement.
• Conducts financial analyses to support strategic planning on system purchases, upgrades and reclamation. Negotiates favorable prices with vendors on hardware and software.
• Communicates status of activities with the team, peers, management, and end-users.
• Selects, develops and motivates assigned staff.

NATURE AND SCOPE -

• Typically reports to a Director, Senior Manager, or Vice President.
• Typically have supervisory responsibilities for Engineers or Specialists at all levels.
• Typically requires frequent persuasion or influencing of others.
• Typically procedures for analyzing situations and making conclusions are diverse.
• Typically considers among many different options or procedures when solving problems.
• Typically, once given general assignments, determines priorities and defines what should be done and how to do it. 

ENVIRONMENTAL JOB REQUIREMENTS -

Under constant pressure to continuously meet tight deadlines, demanding quotas and/or must regularly deal with difficult situations.

MINIMUM QUALIFICATIONS -

• Must be eighteen years of age or older.
• Must pass the Drug Test.
• Must successfully complete any required training or orientation courses.

EDUCATION REQUIRED - 

The knowledge, skills and abilities typically acquired through the completion of a high school diplomas and/or GED. 

YEARS OF RELEVANT WORK EXPERIENCE - 5

PHYSICAL JOB REQUIREMENTS - 

Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. 
On rare occasions there may be a need to move or lift light articles. 

ADDITIONAL QUALIFICATIONS - 

• Knowledge of Single Sign On Federation products using SAML 2.0 and Oauth technology.  Products such as (PING Federate, Microsoft ADFS, etc.) 
  Experience with RSA secureID for 2 factor authentication.
• Working knowledge of Identity and Access Management package solutions - Oracle, IBM, CyberArk
• Knowledge of Dell/Quest toolset (ARS, RMAD, etc.). Experience integrating directories for access management and SSO. Experience in troubleshooting of complex enterprise-architected systems on multiple platforms
• Ability to deploy Highly Available and Robust infrastructure
• Knowledge of evaluating performance and tuning LDAP environments
• Experience utilizing security best-practices to tighten access to LDAP resources and Identity and Access Management Solutions. Strong Windows system administration and deep understanding of Windows security. Information Security experience particularly with Identity and Access Management.
• Extensive knowledge of Active Directory and LDAP protocol
• Working knowledge of Identity and Access Management technologies – SSO, Web Access Management, Entitlement/Certification Management, Federation, Directory Services, Password Management, Provisioning and Job Role Management

KNOWLEDGE, SKILLS, ABILITIES AND COMPETENCIES-
* BS - Computer Science, IS or Math or Bachelor's Degree in a related subject 
* 7-10 years of experience in Systems and Information Security administration with at least 3-5 years professional experience designing, implementing and managing enterprise Identity and Access Management programs; at least 3 years at the Manager level or higher
* Detailed knowledge of directory server and protocol technologies (Oracle, TDS, and AD)
* Deep experience in designing and implementing access management solutions – WAM/SSO, PAM, Entitlement Mgmt.,  Federation - & Identity Management solutions – Directory services, Password Mgmt., Recertification, Provisioning and Job Role Mgmt.
* Technical understanding of password management capabilities and procedures to implement/manage password requirements
* In depth understanding of authorization/access control models. Practical/business understanding of role and rule based access control models (how, why and when to use).
* Strong leadership and interpersonal skills in areas such as teamwork, facilitation and negotiation.
* Excellent written and verbal communication skills.
* Thorough understanding of Information Security frameworks and best practices (e.g. PCI, ISO, NIST)
* Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) rating is desired