Senior Identity and Access Security Manager
Birmingham (Hybrid)
Key Responsibilities:
- Ensure robust security practices are in place to protect against identity-related threats by collaborating with architects, security professionals, and both internal and external stakeholders.
- Establish standards and lead the design and implementation of identity and access management processes and controls to enhance operations and reduce risks.
- Guide internal business teams on best practices, identify and address any concerns, and serve as the liaison between business and technical teams on all identity and access management (IAM) matters.
- Contribute to the development and maintenance of the Information Security policy framework in accordance with risk appetite, legislation, and industry best practices.
- Develop and uphold cyber policies and standards aligned with recognized frameworks such as NIST, FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, and Data Security Foundations.
- Facilitate the creation of enterprise IT solutions, considering critical factors such as APIs, security, scalability, manageability, and usability, leading to comprehensive and effective outcomes.
- Act as a Subject Matter Expert (SME) from the user's perspective, assisting in developing functional requirements, processes, and automation.
- Produce accurate and concise reports, Key Risk Indicators (KRIs)/Key Performance Indicators (KPIs), and executive summaries on Information Security topics and techniques.
- Contribute threat knowledge to IAM and Privileged Access Management (PAM) requirements.
- Identify and address security concerns proactively and manage high-risk vulnerabilities.
- Participate in and contribute to various organizational committees.
Skills and Abilities:
- Understanding of IAM concepts and best practices.
- Familiarity with security and compliance frameworks such as NIST, FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, and Data Security Foundations.
- Experience managing multiple demands from various stakeholders while ensuring timely and high-quality delivery.
- Excellent written and verbal communication skills, with the ability to convey technical and security-related concepts to diverse audiences.
- Ability to prioritize tasks and deliver results in high-pressure situations through strategic and tactical planning.
- Capability to manage significant stakeholder interactions, offering expert advice and demonstrating business acumen.
- Proven ability to build strong relationships across different business units.
- Confidence and effectiveness in communicating with a range of stakeholders.
- Self-motivated, autonomous, results-driven, and adaptable in approach.
- Knowledge of data regulations and requirements in various regions including the UK, US, and globally.
- Strong grasp of IT security principles, especially related to IAM and PAM.
Knowledge and Experience:
- At least five years of experience in Identity and Access Management.
- Proven success in developing and executing enterprise identity solutions.
- Familiarity with IAM concepts and best practices, as well as security and compliance frameworks.
- Experience with managing vendor IAM and PAM tools such as SailPoint IdentityIQ, CyberArk, CA PAM, Imprivata, and Azure MFA.
- Exceptional interpersonal skills and the ability to communicate effectively with both technical and non-technical audiences, both verbally and in writing.
- Capability to manage multiple, competing demands while ensuring timely and high-quality delivery.
- Demonstrated leadership and influencing skills in a complex environment, with the ability to broker agreements among varying priorities and perspectives.
- Experience in establishing IAM program KPIs and reporting.
- Expertise in documenting IAM processes and procedures.
- Involvement in planning, designing, developing, and testing systems or applications, including cloud-based or internet-related tools.
Eames Consulting is acting as an Employment Agency in relation to this vacancy.