-
Responsible for setting up, developing, implementing, and continually improving an IAM program, to support the governance of access principles and to ensure high security standards \& integrity of the company's information systems/data.
-
Design and implement IAM concepts and best practices such as, access \& identity management, privileged accounts management, account types (e.g. B2C), access reviews, IAM lifecycle, etc.
-
Design and implement the program across principles of RBAC, ABAC, PBAC, Segregation of duties, least privilege, etc.
-
Identify gaps between existing processes, tools, and technologies and the desired future state, and develop prioritized recommendations to mitigate identified gaps.
-
Spearhead the identification and selection of adequate and appropriate IAM tools.
-
Develop a prioritized roadmap that outlines the steps and resources needed to deploy the necessary IAM Tools and processes.
-
Lead implementation projects around IAM technologies and processes.
-
Drive audit and compliance activities related to IAM by ensuring access controls are well-documented, aligned with regulatory requirements, and verifiable through regular access reviews, reporting, and evidence collection. Collaborate with internal and external auditors to support IAM-related audits and ensure timely remediation of findings.
-
Assist in the drafting, review, update, development, and implementation of security policies, standards, and procedures to secure access, ensuring security and compliance with associated risks, contracts, regulations, and industry standards.
-
Create, maintain \& enhance processes related to the lifecycle of Identity Access Management and supporting documentation, across the enterprise, including identity governance and administration (IGA), Privileged Access Management (PAM) and Customer identity and Access Management (CIAM).
-
Drive enhancements to IAM security that are both practical and achievable using a balanced approach that considers business needs as well as information security risk.
-
Conduct regular IAM risk assessments and vulnerability assessments, making recommendations for improvements and mitigation strategies, accounting for people, processes, and technology, and associated security controls.
-
Work with management to assess, design, and implement IAM solutions and operating processes to address key and evolving risks.
-
Assist in the third-party risk assessments process to ensure risk identification, transparency and business acceptance and contractual obligations.
-
Control monitoring and review of internal security risk assessments associated with the IAM program.
-
Ensure compliance with relevant regulations and industry standards (specifically, ISO 27001).
-
Develop, document, and assess measures, metrics, and internal controls.
-
Assist in all current and future security related audit and certification processes.
-
Support audit and assessment activities, such as internal and external audit, vendor assessments, benchmarking, etc.
-
Stay current with industry trends and emerging technologies and identify opportunities to integrate them into the IAM and information security program.
-
Identify new identity and access management requirements through industry resources, research, and consultation with technology subject matter experts.
-
Bachelor's degree in computer science or the equivalent work experience is required. Graduate degree preferred.
-
Information security certifications, such as CISSP, CISM, ISO27001, CCSP or equivalent preferred.
-
Minimum of 5 years of prior experience in Identity and Access Management in a medium or large size organization is required.
-
2 years of experience in managing deployments of at least one of the following IAM vendors suites: Microsoft Entra ID Governance, SailPoint, Saviynt, CyberArk, Okta, BeyondTrust or similar solutions.
-
Management experience in financial services industry is beneficial.
-
Experience with information security management frameworks is preferred.
-
Knowledge of zero-trust security principles
-
Strong interpersonal communication, analysis, and writing skills.
-
Able to align management and leadership strategies when working on projects.
-
Ability to work effectively with business unit and IT department managers, including Application Development, Infrastructure, Operations, Network, Technical Support, and others.
-
Superior verbal and written communication skills.
-
Must be a team player.
-
Ability to successfully lead extended teams through new and complex concepts and processes.
-
Office environment
-
Periods of high volume with tight timelines
-
Long periods of stationary position/sitting
-
Prolonged periods of repetitive movement (i.e. using a keyboard and mouse)
-
Long periods of time in viewing a computer screen
-
Multi-tasking may include speaking to customers on a telephone call while looking up information on a computer program.
-
Competitive Compensation
-
Comprehensive benefits program (i.e., Health Spending Account, Maternity and Parental Leave Top Up)
-
Hybrid working environment.
-
Extensive training programs to set our employees up for success
-
Modern office environment conducive to collaboration
-
Supportive teamwork culture
-
Opportunities to give back to the communities and work through events focused on a variety of charities
-
Ongoing social events throughout the year
