The Security Architect – Identity Access Management (IAM) in Cybersecurity Services, is responsible for a comprehensive review of the existing identity access management controls (on-premise and cloud), influencing change in the controls standards, creation of easily consumed IT security standards, creation of access specific security patterns & diagrams, and ownership of the IAM security capability roadmap. This role is an essential ambassador for the shift in the technology culture to a Security-First culture.
- Produce security architecture work as part of initiatives related to network security; Create and drive the IAM security capability 3-year roadmap with within Cybersecurity Services & respective IT partners
- Influence change of control policies with Technology Risk Management & build strong partnerships with IT Architecture & Application Development partners
- Build access management security patterns (standardizing authentication/authorization flows, single-sign-on/MFA, provisioning, user behavior analytics, access governance system controls, privileged/secrets mgt) and designs as part of initiatives to modernize the access management security posture
- Identify access management gaps through proactive discovery and partner with app dev teams for remediation
- Evaluate the existing access management controls, on-premise and cloud, identify improvements, and build plans into roadmap for implementation
- Minimum of 7 years of strong Cybersecurity experience across network, application (web, API) & public/private cloud security architecture (web application firewalls, containers, etc..)
- Experience in architecting IAM sub-capabilities (authentication/authorization, user behavior analytics, provisioning)
- Solid experience in identifying access management control gaps
- Understanding of core cryptography concepts.
- Bachelor’s degree required.