Role & responsibilities Implement and maintain the security policies and procedures for the complete Identity Management and Access Control life cycle, including the implementation of Access Control. Analyze ASLs business and systems and adopt the best use of Identity and Access Management infrastructure tools for overall business success. Support the evolution of the Identity and Access Management program by implementing and leading integration processes, framework, and activities. Collaborate with application and infrastructure teams to understand scope and requirements of the system to comply with Security process, procedures, policies and best practices. Create and develop standards, guidelines, workflow processes and participate in Access Management Compliance and internal audit exercises as required. Direct design and Implement web access management with single sign-on (SSO) access to multiple resources to create a more efficient and satisfying user experience. Design and implement services interfaces while applying technical standards that enable and protect API access which meets enterprise architecture, security, and privacy needs. Design and implement the Role Based Access Control (Matrix) across ASL systems and applications, enabling users to access resources based on assigned job role. Handle the deployment, configuration and on-going administration of Identity management and Authentication products on an enterprise scale while adhering to Group level Information Security standards and guidelines. Develop Identity Management Integration plan and framework for internal and external applications. Lead the planning and design of enterprise VPN solutions for secure authorization based on international standards and best practices. Implement, and provide continuous improvement by defining the business use of enabling IAM technologies such as Access Control, Multi-Factor Authentication, Privileged Access Management, Single Sign-On, and core Identity Management services. Configure and implement access and authorization controls and provide various security-related services related to Identity Management and Access Control to end users (answering questions, processing requests, and escalating issues as appropriate) and update authorization lists on a regular basis. Conduct security testing of information access systems to highlight security weaknesses and provide recommendations for the effective solution of those issues. Ensure the quality of deliverables and data security across multiple projects in terms of supporting requirements analysis and the technical architecture. Report the compliance level of SOD matrix for all key business applications. Preferred candidate profile Excellent understanding of authentication, authorization, role-based access, least privilege and segregation of duties access control concepts. Proven experience leading the troubleshooting and solving issues related to identities, access, accounts, authentication, authorization, entitlements, and permissions. Hand on experience in one or more IAM technologies such as Quest One Identity Manager, Okta, Thycotic (PAM), Multi-Factor Authentication (MFA), Active Directory etc. Understanding of Information Security principles and basics of Information Security policy, techniques and implications across computing platforms. Certifications on either CISA / CISSP/CISM preferable. Familiarity with compliance processes and standards. Strong analytical & problem-solving skills with ability to translate ideas into practical implementation. Ability to manage stakeholder relationships including team members, vendors and partners. Excellent leadership and communication skills with ability to present and communicate effectively with both technical and non-technical audience.
