Job Description
We are seeking a motivated individual to join our Identity and Access Management (IAM) team. This position will help safeguard the organization's information by implementing controls, developing standards, and design solutions to ensure we successfully identify, authenticate, and authorize access to critical data and applications. In this role, your skills, experience, and knowledge of IAM technologies and concepts will help the organization balance policy, regulatory and auditing compliance requirements with end user experience through application on-boarding, IAM workflow development, process improvements, and supporting highly available application environments.
The IAM Technical Manager, as a vital part of our Information Security Team, will lead the Identity and Access Management program. They will define the strategy, implement that strategy, and modernize Digital River’s IAM systems and processes. This role oversees systems and tools related to identity lifecycle, identity governance, privileged access management, and overall access management. This individual will also take on responsibilities related to information security, outside of the IAM program. This is a hands-on-keyboard role. The ideal candidate will not only possess strong technical skills and a strategic mindset, but they will also have experience building and leading high-performing teams in dynamic environment.
40% -- Leadership & Engineering
1. Guiding, mentoring, and providing training to cultivate a high-performing team, consisting of three full time employee and some contractors
2. Define the strategy - design and implement security architectures, processes, and solutions to protect Digital River’s infrastructure and identities
3. Enable automation – develop automation focused on identity lifecycle
4. Research requirements to determine system feasibility, costs, benefits, or functional capabilities
5. Develop, implement, and administer security and identity related policies and procedures
6. Remain informed on the most recent advancements in technology and security trends to remain knowledgeable about emerging threats and industry best practices
30% -- System Security Operations
7. Triage and support operational issues involving systems and tools
8. Execute on periodic entitlement reviews and audit support related to PCI and SOC2 audits across the organization
9. Conduct vulnerability assessments on Digital River’s software, architecture and vendors as needed
10. Perform various manual tasks related to the provisioning and de-provisioning of user accounts
11. Performs system maintenance on all security tools and identifies areas of improvement
30% -- Technical Support
12. Consult and collaborate with the business as a subject matter expert on security and IAM
13. Assist with PCI and SOC2 related security audits as needed
14. Participate and oversee the management of a ticket que and fulfilling support tickets within defined SLAs
Qualifications
What You'll Need to Succeed:
Required:
15. 2+ years of experience in a team lead or people management position
16. 5+ years of experience in Information Security and/or Identity & Access Management design and engineering
17. Experience managing Identity and Access Management in AWS
18. Experience with AWS IAM Identity Center, Microsoft Azure, Veza, OKTA, IdentityIQ, secrets management, or other equivalent IAM technologies
19. Experience with automating manual tasks related to IAM systems and tools
20. Coding / scripting skills – Ability to add, update or troubleshoot code to resolve issues, create efficiencies or integrate systems is a plus
21. Experience working with systems (UNIX/Linux/Windows) and directories (LDAP, etc.)
22. Experience with IAM Technologies and Processes (Federated Authentication, Web Single Sign On, SAML/OAuth, OpenID Connect, Web Access Management (WAM), Identity Governance and Administration (IGA), Multi-Factor Authentication (MFA), Privileged Access Management (PxM/PAM), etc.
23. Solid understanding of security principles, tools, and processes
24. Problem solving and troubleshooting skills, and ability to multitask on competing priorities
25. Exceptional communication and interpersonal skills with the ability to influence and collaborate with diverse stakeholders
26. Strong project management and organizational skills, with the ability to deliver high-quality results within budget and on schedule
Preferred:
27. Industry standard certification such as CISSP, CISA, or CISM
28. Bachelor’s degree in Computer Science/Security Engineering/Related field