Information Security Identity and Access Manager/Director
Department: Information Security
Reports To: The CISO
The IAM manager will be responsible for end to end management for assigned projects related to IAM Hygiene initiatives including project planning, delivery, client interaction, trouble shooting, execution, monitoring, control and people management. Provide security technical expertise and project leadership for the Identity and access management team. Review projects, new applications, and existing user access for appropriate security controls and segregation of duties. Establish and document policies, procedures and guidelines related to user and system access. Assist in compliance reviews and ensures processes and procedures are in compliance.
Responsibilities and Duties:
Implement a formal program to enhance and centralize the Identity and Access Management (IAM) function
Formulates and defines system's scope and objectives based on both user needs and a good understanding of the application, business, operational and/or industry requirements
Analyzes, defines, and prioritizes the business functional specifications for IAM initiatives. Helps to develops project scope, charter, constraints and assumptions for assigned projects
Responsible for stakeholder relationships to establish project expectations and priorities, coordinates and reports on project progress and accomplishments to the project team stakeholders, and sponsors
Demonstrates the ability to work with people and teams in a flexible, collaborative, and resourceful manner, with the ability to influence, to achieve project objectives
Centrally manages user security and entitlement reviews and certifications, as well as interfacing with internal clients and external vendors.
Meet with current application owners to analyze and create centralization plan and path to ensure compliance with existing procedures
Must understand all IAM functions including but not limited to user entitlement reviews and toxic combinations
Assist IAM team perform user entitlement reviews and certifications
Ability to work on Windows OS (active directory) and Linux environment is required
Security administration by securely provisioning user accounts and permissions for access into systems, services and shared folders for proper user access. Ensure that proper security settings are set up to reflect the functionality of the client requiring access
Assist to govern all system and user ID management processes along with monitoring the activity and requests where users require access in a timely manner.
Assist analyze potential security tools and applications to enhance and improve the processes, procedures and functions of security and identity management team
Work with team members and manager to design better systems and processes to improve efficiencies and automation
5-10 years of experience in Information security including Identity and Access Management
Extensive experience in business analysis, documentation and user access review
Extensive knowledge of project management best practices, tools, and techniques
Extensive knowledge and experience with privileged identity management, access governance and other IAM solutions such as Activie Directory, Okta, Saviynt, Arcos, CyberArk, SailPoint, etc.
Mid to senior level IAM Security Administrator with 5-7 years of experience in production environment
Must be able to perform active directory functions such as adding users, disabling users, password resets, group management and application account provisioning and de-provisioning
Must be able to review application security and make recommendations for improvements
Strong communications skills (written and verbal) to be able to work with technical and non-technical team members
Ability to train, manage and assist co-workers and direct reports on all aspects of the program build and evolution
Exceptional organizational, interpersonal and team skills
Ownership orientation to solving problems
Education Bachelor's degree in computer science or related area
Industry recognized certification in security (e.g., CISSP, CISA, CISM, CEH, etc.)
Experience with MRC accreditation and deep understanding of the online advertising industry and ad platforms (networks, DSPs, ATDs, SSPs, Exchanges)