Manager Information Security

Job Description

What you will do In this vital role you will be an integral part in driving growth & innovation, improving efficiency and creating enterprise value supporting our mission To Serve Patients. The Manager-Information Security will be responsible for the oversight and hands-on leadership of the Directory Services (AD and LDAP) team within the Digital Identity Access Services (DIAS) organization. This role involves developing, implementing, maintaining, and updating IAM strategies, policies and procedures to ensure the security and integrity of our systems and data. The ideal candidate will have extensive experience in Active Directory, Enterprise Unix LDAP and other Directory services. Candidate should have a deep understanding of security standard processes, and the ability to lead a team in a dynamic, global environment. Roles & Responsibilities: Manage Amgen's Internal and External PKI Technologies Manage External PKI vendors like Sectigo and Entrust Develop and maintain the Directory and LDAP standards and architecture, ensuring that it meets industry standards and best practices Assess and select IAM technologies and tools that align with Amgens IAM strategy Lead the information security team, providing guidance, support, and mentoring to ensure the effectiveness of security operations Develop and implement the IAM (Identity Access Management) strategy aligned with the organization's information security goals and regulatory requirements. Lead the design, implementation, and management of IAM solutions, including governance for Directory Services. Create, implement, and maintain IAM policies, standards, and procedures to manage user identities and access rights. Design and enforce access control mechanisms, including role-based access control (RBAC), to safeguard sensitive information. Manage IAM-related security incidents and vulnerabilities, coordinating with IT security teams to mitigate risks. Know the latest with industry trends, emerging threats, and standard methodologies in IAM. Collaborate with IT and security teams to integrate IAM solutions with other security and business systems. Develop and maintain key performance indicators (KPIs) to track service metrics and generate regular reports for management. Evaluate and implement IAM tools and technologies to enhance security and streamline processes. Participate in vendor proposals, contract negotiations, and support renewals. This role on occasion might have responsibilities outside of business hours. Travel: International and/or domestic travel up to 10% may be essential. Basic Qualifications: Masters degree with 4 to 6years of experience related field OR Bachelors degree with 6 to 8 years of experience in related field OR Diploma with 8 - 12 years of experience in related field. Preferred Qualifications: Must-Have Skills: Strong knowledge of Internal and External PKI (Public Key Infrastructure). Strong knowledge of Directory Services and LDAP Services. Solid understanding of Active Directory Domain structure and security, Windows Operating Systems and Domain Controllers, Azure AD and Microsoft Entra ID. Strong knowledge of LDAP directories and managing LDAP Structure. Knowledge of LDAP Schema and configuration changes. Create and modify Shell Scripts for bulk LDAP operations. Creation and implementation of LDAP Business Continuity plans. Familiarity with security standards and regulations (e.g., NIST, ISO). Experience with Authentication, Provisioning/De-provisioning, Role Management, Session Management and Directory Services. Experience in driving transformation initiatives using Scaled Agile methodology. Excellent verbal and written communication skills for technical and non-technical audiences of various levels in the organization. Good-to-Have Skills: Work experience in the biotechnology or pharmaceutical industry. Degree in Computer Science, Information Systems, or Engineering. Familiarity with GxP standards, Information Security standards and policies like ISO 27001/27002, NIST and others. Strong problem-solving and analytical skills. Demonstrated ability to work effectively in a fast-paced, dynamic environment. Understanding of ITIL processes and implementation. Proficiency in scripting and automation (e.g., Python, Bash) is a plus Professional Certifications CompTIA Security+ (preferred) Cloud Identity or Security Certification (preferred) Microsoft Azure Certification (preferred) Soft Skills: Excellent analytical and troubleshooting skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams . High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team oriented, with a focus on achieving team goals. Strong presentation and public speaking skills.