A Global company located in Baltimore, MD is seeking an experienced Identity and Access Management business analyst. Reporting to the head of the global enterprise-wide IAM program, the global Information Security Identity and Access Management (IAM) organization defines policy and delivers capabilities to empower to better control access to its data, systems and infrastructure via a seamless user experience.
This role is responsible for overseeing and guiding teams in the definition and implementation Identity and Access Management solutions. You will be the business SME on the new IDaaS IAM solution throughout the corporation, partnering with technology and business owners to define requirements, feature and functions covering the full user lifecycle. With IAM leadership you will help drive the application adoption approach. Entitlement role and group definition with data mapping is a core function of this role. The ability to understand a partner’s access and privilege model, look for security risks and lead them through the process to migrate from a manual to an automated provisioning platform. Coupled with entitlement mapping, workflow process modeling and creation is the second core function of this role. Working with technical and business partners to understand their current state environment to provide direction and execution leadership throughout the migration & transition of legacy applications onto the new IAM platform as well as the integration of new applications. Must be able to meet demands of working across multiple workstreams through relationships with vendors, infrastructure and application teams. Ability to communicate effectively with senior technology and business leadership. Knowledge of information security, risk and compliance and the value of producing documentation will also be key to this role.
ESSENTIAL DUTIES and REPONSIBILTIES:
- Business SME within the IAM domain.
- Lead Analyst to define and drive secure IAM solution requirements.
- Assume ownership of IDaaS system rollout and integration, work closely with teams to complete development and implementation tasks
- Ability to dive deep, step-in and be hands-on when as needed.
- Work within the CISO team of a large organization to promote the best Identity and Access Management practices.
- Research problems and recommend solutions to improve security and processes by providing security IAM options.
- Work closely with business partners, to champion Information security through IAM best practices
- Serve as a business enabler via development support, clear planning and design documentation for properly-secured, policy-compliant, high-performance IAM integrations.
- Produce regular status reports
- Work with external vendors, system integrators and near/off shore teams.
- Support for System and IAM related policy development and regulatory compliance
- Support requirements/responses required from the 24x7 operations team
- Support CISO Quality and Compliance efforts
- Respond to Threat Intelligence reports
- Contribute IAM domain knowledge in improving the security architecture
- Understand business requirements and design IAM solutions
- Interact and communicate with application teams on systems integration tasks, dependencies, and troubleshooting issues
- Perform coarse and fine grain entitlement role & group definition and mapping
- Ability to mentor junior staff and be a knowledge leader
- URL blocked - click to apply
- Interest in information security and knowledge of Identity and Access Management controls
- Some travel, <10%, may be required
REQUIRED SKILLS and EXPERIENCE:
- 5+ years working within the Identity & Access Management domain
- 5+ years working within the information security domain
- 10+ years of technical business analyst experience within an SDLC; Agile team experience preferred
- Strong discipline regarding enforcement of access management core principles
- Experience in entitlement role / group data mapping
- Large scale enterprise-wide project experience
- Knowledge of the full user identity and access management lifecycle
- Comfortable dealing with external vendors, system integrators and hosting partners.
- Ability to work in Virtual, Geographically Dispersed Teams.
- Ability to drive completion of required tasks independently.
- Knowledge and experience of provisioning/deprovisioning workflows
- Strong Data mapping experience across different source platforms
- Strong knowledge of data inheritance and hierarchy
- Expertise with identity management domain concepts and full user lifecycle management, with various data sources and workflows.
- Strong workflow and process modeling documentation, creating swim lanes and flowcharts
- Experience with access models such as RBAC and ABAC
- Defining user stories and acceptance criteria
- Facilitating implementation of new functionality through training and demonstrations
ADDITIONAL DESIRED SKILLS and COMPETENCIES:
- IDaaS experience beneficial
- Cloud and SaaS experience beneficial
- Active Directory Modeling
- Global company experience
- Mobile IAM experience highly desired
- Multi-Factor Authentication (MFA) knowledge and experience
- Governance, Risk and Compliance (GRC) experience
- Experience with Brainwave iGRC desired
- User Access Review (UAR) and User Access Governance
- Office 365 Identity & Access experience
- Working with both Internal and External Identities
- Knowledge of Privileged Account Management (PAM)
- A professional certification in the Business Analyst domain preferred.
- A professional certification in an information security domain such as CISSP, CISM, or CISA preferred.
- A professional certification in the Identity and Access domain such as CIAM, CIMP preferred.
Apex is an Equal Employment Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178
Systems Development Life Cycle