Senior Identity And Access Management Manager

Come to work for a company you can be proud to work for.

The hiring range for this opportunity is $140,000 to $178,000 annually along with incentive opportunities, creating a competitive total compensation package based on our pay scale, and may be modified by location and is commensurate with qualifications and experience.

We are open to this role being a remote position.

POSITION SUMMARY

The Senior Identity and Access Management (IAM) Manager performs independently under the direction of the Chief Information Security Officer (CISO). The Senior IAM Manager is responsible for oversight and management of the Information Security (IS) and Information Technology (IT) Department Identity and Access Management Program for the Bank. This position will lead and direct the IAM program which includes assigning a single digital identity to each entity, authenticating them when they log into bank systems, authorizing them to access specific resources, and monitoring and managing identities throughout their lifecycle. This position supervises the IAM engineers and contractors as part of the IAM team.

This role works directly with technology and business leaders to maintain a high-level of knowledge and understanding of information security issues and oversees the IAM efforts that are utilized in conjunction with the Bank's technology systems. This position will be responsible for the development and management of IAM policy and reviewing systems to ensure compliance. The Senior IAM Manager leads and directs Identity Lifecycle Management, Authentication Management, Authorization and Access Management, and Privileged Access Management. This role is responsible for all areas of Identity and Access Management, which is one of the most important areas of Information Security.

MAJOR RESPONSIBILITIES

• Supervise and provide guidance to IAM Engineers in all areas of Identity and Access Management. This will include oversight of the IAM Program as well as the systems that support it.

• Collaborate with IT and Information Security teams to align IAM services with business requirements.

• Ensure compliance with regulatory requirements and industry standards related to IAM.

IDENTITY LIFECYCLE MANAGEMENT

• Responsible to oversee and approve the provisioning process: creating and assigning access rights to new users based on role within the Bank.

• Ensure periodic reviews and adjustments of user access rights are completed based on job changes or other factors.

• Oversee effort to securely remove or suspend access rights when a user leaves the bank or changes roles.

• Work with IT and Business staff to maintain consistent and consolidated processes for identity management.

• Oversee the integration of IAM solutions with HR systems for automated account provisioning and de-provisioning.

AUTHENTICATION MANAGEMENT

• Work with technical staff to implement and maintain a single sign-on (SSO) system is in place that is used by all Bank applications that provides users access to multiple applications while using only one set of credentials.

• Work with technical staff to implement and maintain a multi-factor authentication (MFA) method and system that is used by all required applications.

AUTHORIZATION AND ACCESS MANAGEMENT

• Oversee the assignment of Role-Based Access Control (RBAC) for systems throughout the Bank's technical environment that assigns access rights based on job roles within the bank.

• Oversee the assignment of Attribute-Based Access control (ABAC) for appropriate systems that provides access based on attributes, like job title, location, and transaction type.

• Work with both business and technical staff to implement RBAC and ABAC within appropriate systems.

• Supervise the automated rights and access approval process and systems to ensure functionality and appropriate processes.

PRIVILEGED ACCESS MANAGEMENT

• Supervise the development and implementation of automated processes to manage privileged accounts. This includes oversight to ensure these accounts are used appropriately and have regular password changes.

• Supervise the development and implementation of automated processes to manage the use of Service accounts. This includes password management.

• Develop procedures for granting, monitoring, and revoking privileged access.

• Implement solutions to detect and mitigate risks associated with privileged account misuse.

INFORMATION TECHNOLOGY BEST PRACTICE MANAGEMENT AND DEVELOPMENT

• Maintain a current high-level understanding of industry best practices regarding IT and IS risk management to improve the IT and IS risk position in reporting, policy, and procedures.

• Provide advice and guidance to IT and other managers to enhance reporting, policy, programs, and procedures.

• Collaborate with all technology groups, lines of business, and corporate functional areas to utilize best practices for IAM solutions.

• Participates as a member of IT related committees at the management and board level.

EDUCATION EXPERIENCE AND OTHER SKILLS REQUIRED

• College Degree in Computer Science or Information Security or equivalent work experience preferred.

• 5 years' experience demonstrating leadership and management skills.

• 5 years' experience in Information Technology and/or Information Security.

• 5 years' experience in Identity and Access Management or any combination of academic education, professional training, or work experience, which demonstrates the ability to perform the duties of the position.

• Demonstrate Leadership and Management Skills

• Current CISSP, CISA, CRISC, CISM or other equivalent information security or risk management certification required.

• Experience using risk based/cyber security frameworks, such as NIST.

• Experience with building and managing relationships with senior level stakeholders.

COMPANY PROFILE

Established in 1975, Tri Counties Bank is a wholly-owned subsidiary of TriCo Bancshares (NASDAQ: TCBK) headquartered in Chico, California, with assets of nearly $10 billion and more than 45 years of financial stability. Tri Counties Bank provides a unique brand of Service With Solutions for communities throughout California with a breadth of personal, small business and commercial banking services, plus an extensive branch network, more than 37,000 surcharge-free ATMs nationwide, and advanced online and mobile banking.

Tri Counties Bank remains strong and profitable through our top-down commitment to our core values, sound business principles and responsible lending practices.

Our success is also based on our community engagement. We still believe in the vision of the helpful and caring community banker. As we grow and serve more communities, we become more involved, providing substantial financial and volunteer support to local economies and community organizations. We applaud our employees who roll up their sleeves to work and volunteer for a greater good in our communities.

Tri Counties Bank hires individuals who are qualified for the role and who represent the communities in which we serve. We look to place people in positions where they can best utilize their abilities and strengths, and where they are able to grow with the Bank.

Tri Counties Bank is an Affirmative Action and Equal Opportunity Employer, Race/Color/Religion/Sex/Sexual Orientation/Gender Identity/National Origin/Disability/Veteran.