Eames Consulting Group Ltd
16/09/2024
Full time
Senior Identity and Access Security Manager Birmingham (Hybrid) Key Responsibilities: Ensure robust security practices are in place to protect against identity-related threats by collaborating with architects, security professionals, and both internal and external stakeholders. Establish standards and lead the design and implementation of identity and access management processes and controls to enhance operations and reduce risks. Guide internal business teams on best practices, identify and address any concerns, and serve as the liaison between business and technical teams on all identity and access management (IAM) matters. Contribute to the development and maintenance of the Information Security policy framework in accordance with risk appetite, legislation, and industry best practices. Develop and uphold cyber policies and standards aligned with recognized frameworks such as NIST, FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, and Data Security Foundations. Facilitate the creation of enterprise IT solutions, considering critical factors such as APIs, security, scalability, manageability, and usability, leading to comprehensive and effective outcomes. Act as a Subject Matter Expert (SME) from the user's perspective, assisting in developing functional requirements, processes, and automation. Produce accurate and concise reports, Key Risk Indicators (KRIs)/Key Performance Indicators (KPIs), and executive summaries on Information Security topics and techniques. Contribute threat knowledge to IAM and Privileged Access Management (PAM) requirements. Identify and address security concerns proactively and manage high-risk vulnerabilities. Participate in and contribute to various organizational committees. Skills and Abilities: Understanding of IAM concepts and best practices. Familiarity with security and compliance frameworks such as NIST, FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, and Data Security Foundations. Experience managing multiple demands from various stakeholders while ensuring timely and high-quality delivery. Excellent written and verbal communication skills, with the ability to convey technical and security-related concepts to diverse audiences. Ability to prioritize tasks and deliver results in high-pressure situations through strategic and tactical planning. Capability to manage significant stakeholder interactions, offering expert advice and demonstrating business acumen. Proven ability to build strong relationships across different business units. Confidence and effectiveness in communicating with a range of stakeholders. Self-motivated, autonomous, results-driven, and adaptable in approach. Knowledge of data regulations and requirements in various regions including the UK, US, and globally. Strong grasp of IT security principles, especially related to IAM and PAM. Knowledge and Experience: At least five years of experience in Identity and Access Management. Proven success in developing and executing enterprise identity solutions. Familiarity with IAM concepts and best practices, as well as security and compliance frameworks. Experience with managing vendor IAM and PAM tools such as SailPoint IdentityIQ, CyberArk, CA PAM, Imprivata, and Azure MFA. Exceptional interpersonal skills and the ability to communicate effectively with both technical and non-technical audiences, both verbally and in writing. Capability to manage multiple, competing demands while ensuring timely and high-quality delivery. Demonstrated leadership and influencing skills in a complex environment, with the ability to broker agreements among varying priorities and perspectives. Experience in establishing IAM program KPIs and reporting. Expertise in documenting IAM processes and procedures. Involvement in planning, designing, developing, and testing systems or applications, including cloud-based or Internet-related tools. Eames Consulting is acting as an Employment Agency in relation to this vacancy.