IAM Manager at TEKsystems

IAM Manager

Direct Placement

Top Skills' Details

Cyber Security

Incident Response

Threat Analytics

The Role and Access Manager is responsible for the development and maintenance of the Role Based Access Control (RBAC) framework. In conjunction with business leadership and IT technical personnel, the Manager will ensure that access controls are consistent, scalable, and auditable across the organization. This position will interface with the user and technology communities to understand their security needs and implement access controls to accommodate them, employing a least-privileged model for access control.

The Manager will act as an advisor to business units during routine reviews of system security and will participate in the continuing creation, modification, and retirement of roles within the business. Additionally, the Manager will coordinate with technical IT operations personnel on the development of appropriate onboarding and offboarding processes for personnel and systems and the client's chosen access control technologies.

A successful RBAC Manager will have a multidisciplinary background in areas such as process development, systems and/or business analysis, and identity management. The Manager must thrive in fast-paced situations. This position is heavily reliant on teamwork and is responsible for mentorship of less experienced workers in the area of role-based access control and identity management.

Description:

1. Role-Permissions Analysis - 40% of total job

a. Understand/Analyze/Document the goals and scenarios for roles (requirements)

i. Understand business functions and entitlement requirements for roles.

ii. Understand how regulatory and policy statements impact roles and entitlements (HIPAA, PII, CDE, etc.)

iii. Analyze role and permissions candidates (developing the roles and entitlements)

b. Manage/Analyze/Communicate

i. Permission Context (translate role scenarios into permissions)

ii. Permission Constraints and Privacy Expectations (segregation of duties and policy constraints)

iii. Functional Requirements (from systems, applications, job descriptions, etc.)

c. Work with Cybersecurity for on-going discovery and audit of user accounts and access resource groups

d. Document access control matrices

e. Participate in discussions to refine existing RBAC structures and role rationalization.

f. Ensure application onboarding and decommissioning processes address changes to RBAC roles or entitlements.

2. Role-Permissions Management - 40% of total job

a. Proactively facilitate the management of permissions and entitlements, drive efficiencies in role entitlements

b. Serve as Liaison for RBAC/IAM issues.

c. Manage Role Based Access controls, including role management, role mining, role remediation, and role re-certifications.

d. Maintain user role definitions while maintaining naming conventions and updating entitlements as needed.

e. Change contexts, constraints, purpose, and hierarchies that feed RBAC rationale.

f. Manage discovery and audit of user accounts and access resource groups.

g. Work with IT Security Audit personnel to monitor access to critical systems and infrastructures such as Active Directory, E1, Cognos, TMA, etc. (Splunk alerting – analysis of who is requesting what types of entitlements in key applications, etc.)

h. Conduct change impact assessments (example: departmental re-structuring)

i. Maintain an understanding of access with respect to roles, rules, and policies.

j. Participate in kick-off and training on periodic access certification reviews for Role & Resource Owners.

3. Other job functions that support sustaining RBAC - 15% of total job

a. Participate in Sprint Planning meetings or review meeting outcomes to review significant System/Software configuration changes across technology infrastructure and business applications for change management.

b. Participate and review User Acceptance Testing and Quality Assurance post RBAC deployment.

4. Stay abreast of Identity and Access Management trends and technologies - 5% of total job

a. Research, develop and stay current on access management techniques.

b. Participate in the evaluation and recommendation of security products, services and/or procedures.

c. Help develop security awareness content and provide education on security policies and practices both internal and external to the group.

Must sit on-site in one of the divisional offices below:

Tulsa, OK

St. Louis, MO

Dallas, TX

Charlotte, NC

Des Moines, IA

Tuscon, AZ

San Antonio, TX

Austin, TZ

Phoenix, AZ

Omaha, NE

Kansas City, MO

Denver, CO

Greenville, SC

Skills:

Iam, Identity access management, Access, Security, Identity management, Cybersecurity, Incident Response, Threat Analytics

Top Skills Details:

Iam, Identity access management, Access, Security, Identity management

Additional Skills & Qualifications:

The required specifications (education, experience, and skills) are those that the employee must have to hold the position. Applicants applying for this position must possess the required specifications to be considered for the job. The desired specifications are those that are not required for the employee to hold the position, but the employee should try to obtain the desired education, experience, and/or skills to be effective and successful in the position.

1. Required education: Bachelor’s degree or equivalent work experience.

2. Desired education: Specialized education in business analysis, IT audit, or process development. ITIL or CISA certification or other relevant certification.

3. Required experience: 6 years of business analysis, identity management, or IT audit experience in large, complex corporate environments, particularly in multi-state retail. Advanced experience with identity management or access control methodologies and solutions.

4. Desired experience: 6 years of experience and advanced knowledge in building and supporting access controls. Experience leading and/or mentoring junior personnel. Experience planning, maintaining, and implementing an RBAC scheme. Deep experience driving continuous improvement of technology and practices.

5.Required skills: Strong understanding of identity lifecycle management, operating environments (such as Microsoft Active Directory, Azure cloud, etc.), privileged access management, and third party, remote access security. Knowledge of network authentication methods, such as user IDs, passwords, MFA, certificates, Kerberos, etc. Excellent ability to analyze and understand business processes and functions. Ability to interact with business leadership and drive the adoption of process change. Strong written and oral communication skills including documentation. Ability to work with little direct supervision, and to foster a team environment.

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.