Job
Description
Description Key ResponsibilitiesIAM/PAM/IGA Strategy and Architecture for Migration Projects Define and implement IAM, PAM, and IGA strategies tailored to the requirements of application migration, ensuring robust access management during and after migration. Assess current access controls and recommend improvements to align with security best practices and compliance standards during migration. Design and oversee secure frameworks for identity management, privilege escalation, and governance in new application environments. Access Control Implementation and Management Deploy and configure IAM/PAM/IGA solutions (such as Okta, CyberArk, SailPoint) within sprint cycles, ensuring seamless integration with migrated applications. Develop and enforce role-based access control (RBAC), least privilege principles, and secure access protocols across applications and data assets. Manage privileged accounts by implementing PAM practices that protect critical resources during migration to cloud or hybrid environments. Application Migration Support within Agile Sprints Work closely with Agile teams to ensure IAM/PAM/IGA requirements are integrated into sprint planning, execution, and testing phases. Provide expertise on managing access controls and governance requirements in short sprint cycles, ensuring they align with migration milestones. Act as an advisor to development teams, ensuring that IAM/PAM/IGA practices are consistently implemented in each sprint and across each application migration. Risk Mitigation and Compliance Ensure that access management processes adhere to regulatory requirements (e.g., SOX, GDPR) and industry standards, such as NIST and ISO. Conduct risk assessments specific to access management within the migration project, identifying vulnerabilities and implementing controls. Document IAM/PAM/IGA configurations and processes, providing reports to support audits and compliance verifications. Cross-Functional Collaboration and Training Collaborate with cybersecurity, application, and infrastructure teams to align IAM/PAM/IGA solutions with broader security requirements. Train team members and stakeholders on IAM/PAM/IGA best practices, tools, and configurations specific to migration and Agile environments. Serve as a subject matter expert, offering guidance on IAM/PAM/IGA issues related to application migration projects and Agile sprint schedules. Continuous Improvement and Incident Management Regularly evaluate IAM/PAM/IGA solutions to ensure they are up-to-date and capable of addressing new security risks and compliance needs. Respond to security incidents related to access management, working with incident response teams to mitigate impacts and prevent future occurrences. Support continuous improvement initiatives by refining access management policies and processes, leveraging lessons learned from previous sprints and migrations. Required Skills and QualificationsEducational BackgroundBachelors degree in Cybersecurity, Information Technology, Computer Science, or a related field. Advanced certifications such as CISSP, CISM, CISA, or specific IAM/PAM/IGA certifications (e.g., CyberArk, SailPoint) are preferred. ExperienceMinimum of 7-10 years of experience in IAM/PAM/IGA roles, with a strong focus on application migration and Agile sprint cycles. Technical ProficiencyIn-depth knowledge of IAM/PAM/IGA tools (e.g., Okta, CyberArk, SailPoint, ForgeRock) and hands-on experience with implementing these tools in cloud and hybrid environments. Knowledge of Agile and DevOpsExperience working within Agile sprint cycles and knowledge of DevOps practices related to secure access management during application migration. Preferred CompetenciesProblem-Solving and Analytical Skills: Ability to assess security needs, identify risks, and recommend effective access management controls. Communication Skills: Strong communication skills for interacting with technical and non-technical stakeholders, conveying complex IAM/PAM/IGA concepts clearly. Attention to DetailPrecision in configuring and managing access controls to prevent unauthorized access and ensure compliance. Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade C Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility Yes Global Role Family To be defined Local Role Name To be defined Local Skills Agile methodology;ServiceNow Release Management;release management;cybersecurity Languages RequiredENGLISH Role Rarity To Be Defined
