- Responsible for working with the business and other IT resources implement IT Security controls by leveraging existing IAM tools
- Performs all procedures of basic to high complexity necessary to ensure the core objectives of IT Security. Reviews and maintains security operations for large organizational units and/or complex enterprise-wide projects
- Performs root cause analysis of moderately complex to highly complex security issues and determines the best course of action to remedy the problem
- Investigates and resolves security incidents as needed
- Ensures that IT Security architecture / designs, plans, controls, processes, standards, policies, and procedures are aligned with IT standards and overall IT Security objectives
- Identifies security risks and exposures, determines the causes of security violations, designs and implements procedures to prevent and mitigate future incidents
- Able to create and execute short to medium term strategies
- Proactively Determines if an event needs to be escalated to management or outside of the unit
- May recommend new policies and procedures to management and has wide latitude to decide on the best course of action for new procedures
- Recommends course of action for low to moderately complex situations
- 5 years in IT and/or Cyber Security environment
- Bachelor's Degree or a minimum of three years in IT at an organization with over 10, 000 employees
- Must have a basic understanding of computer security concepts including access management, application security, and risk & compliance
- Knowledge of Identity and Access Governance principles
- Java scripting in one or more of the following environments: SailPoint, Sun Identity Manager, Oracle Identity Manager, IBM Tivoli Identity Manager
- Experience with rights and permissions on Active Directory, Mainframe ACF2, UNIX and Linux
- Knowledge with MS Office including Visio.
- Experience with SOX and PCI audits are a plus
- 5+ years of IT experience. The more years of direct Identity and Access Management experience the better, but will consider training the right candidate.
- Should have experience in one or more Identity Management disciplines, such as: Identity Lifecycle Management, Authentication, Authorization, Federation, Access Management, Access recertification, Role and Entitlement models, Directory technologies (LDAP) etc.
- Should have solid understanding of applications and system IAM architectures and best practices
- Deliver technical security configuration expertise in implementing enterprise-wide IAM ecosystem
- Act as trusted security professional with ability to provide strategic and technical direction in leading activities in computer security concepts including Identity & Access Management, Application Security, and Risk & Compliance
- Experience understanding operational and security requirements and translation of those requirements into technical IAM capabilities.
- Ability to effectively communicate and advocate key security requirements and control implementation to development team
- Must have development skills and a solid understanding of secure system development life cycle (SDLC)
- Bachelor's Degree or equivalent experience
- Relevant security industry certifications preferred including but not limited to CISSP, SSCP, and CISM etc.
- Must have an understanding of computer security concepts including Identity & Access Mgmt, Network Security, Application Security, Incident Management, or Risk & Compliance
- Must have a moderate understanding of network concepts and protocols (such as DNS, SMTP, FTP, etc.)
- Expert knowledge and understanding of information technology industry trends and emerging technologies and an ability to relate them to cyber security, the company and its objectives
- Familiar with IT Regulations, PCI / Sarbanes-Oxley / MA privacy laws
- Solid working knowledge with MS Office
Duration: 6 Months +