Manager of Identity Access Management Compliance and Risk Mitigation

Job Title: Manager of Identity Access Management Compliance and Risk Mitigation

Job Summary: The Manager of Identity Access Management (IAM) Compliance and Risk Mitigation is responsible for overseeing the design, implementation, and management of IAM processes, and solutions within the organization. This role ensures that IAM processes and controls are compliant with internal policies and external regulations. The Manager will lead a team of IAM engineers and analysts, working closely with other IT and security teams to identify and mitigate IAM-related risks.

Key Responsibilities:

IAM Strategy and Solution Design:

• Directs the strategic direction and work of a large team or group working to enhance, further and execute best practice issue resolution and response processes, threat analysis and research, and/or proactive prevention measure development
• Design, deploy, and configure IAM solutions that identify IAM-related risks within the environment and assist with the mitigation of those risks.
• Design and implement procedures for periodic access reviews of SOX applications.
• Streamline the process for providing audit feedback and proof of controls for all IAM solutions.
• Ensure that IAM solutions meet security and compliance requirements.
• Work with GRC and other IAM teams to ensure policies are updated and current.

Access Management:

• Manage and monitor access to critical systems and applications.
• Ensure the the provisioning and de-provisioning of user accounts is within policies regulations and guidelines
• Conduct regular access reviews and audits to ensure compliance with policies.

Risk Management:

• Analyze data to identify potential IAM risks and vulnerabilities.
• Develop and implement strategies to mitigate identified IAM risks.
• Conduct risk assessments and identify potential compliance issues.
• Monitor and report on IAM risk activities and ensure adherence to regulatory requirements.

Collaboration and Communication:

• Collaborate with internal and external stakeholders to address IAM risk management concerns.
• Provide guidance and support to the organization on IAM risk-related matters.
• Engage with IT teams, auditors, and legal as needed.
• Help manage audit activities and establish relationships with IT support and business teams.

Leadership and Team Management:

• Lead and mentor a team of IAM engineers and analysts.
• Foster a culture of continuous improvement and learning within the team.
• Set performance goals and conduct regular performance reviews.

Qualifications:

• +3 years of experience in Cyber Security. Preferably in Identity access management (IAM).
• +3 years of experience in Compliance regulations like PCI, SOX, etc.
• Proven experience in compliance and risk management, Preferably in the area of Identity Access Management (IAM).
• Strong understanding of IT general control frameworks and regulatory requirements.
• Strong understanding of IAM technologies and best practices.
• Excellent communication and interpersonal skills.
• Strong communication and collaboration skills.
• Experience leading and managing a team.

Appreciated Qualifications:

• Bachelor’s degree in computer science, Information Technology, or a related field.
• Relevant certifications such as CISSP, CISM, CEH or similar.