Cyber Security Management - IAM Security Analyst/Architect

Next Ventures are currently executing a search for a Cyber Security Management - IAM SECURITY ANALYST/ARCHITECT

Architects that are able to define the security requirements and processes in their domain, review architecture

- Defines, implement and ensures the proper functioning of security trust services within the Identity and Access management security domain in line with IT security policies. Recommends and advises on new or improved security services to Cyber security Management
- Review the secure design and implementation of internal and partners Identity and Access management infrastructures and processes. Review the identity and credential/token life cycle processes for new SAAS/partners applications and integrate the applications in XX Client IAM processes.
- Review and evolve customer and internal access management technologies. Implement and define federation services, Identity/federation/authentication brokers, internal access management, Identity Governance and Administration, Multi Factor authentication,...
- Document the IAM policies, principles and technical standards. Define and maintain the token/access assurance model. Ensure the adequate functioning of IAM security services
- Act as security subject matter expert in the IAM security domain and be the security point of contact for the business and project teams.
- Advice technical teams on the control design, implementation and processes necessary to ensure and protect information systems assets.
- Perform risk assessments and define the IAM related security requirements for business and IT projects. Advises on high level security design of new applications and infrastructures to ensure secure operation within the environment.
- Perform security validation to ensure effective implementation of security controls.

Skills and experience:

The successful candidate must be a service oriented, organised and independent security professional with at least 5 years+ solid experience in the Identity and Access management security domain.

The candidate must be a team player who communicates in an open, respectful and constructive way with her/his customers and peers, both verbally and in writing. The candidate will take ownership and ensure that organisational quality standards are met.

The candidate must be a very good communicator in English, both verbal and written, and able to discuss and defend the security interests with individuals and groups of senior business people as well as deep technical IT experts.

The candidate must have proven experience in security risk assessments, development of functional security requirements, process design and management reporting. Experience in security design, architecture and project management is a strong advantage.

1) Sound security design principles, based on confidentiality, integrity and availability requirements and other ISO27002 security principles;

2) Identity and Access management: several years of experience in building up sufficient background knowledge with regard to Authentication and access controls, Directory services (Active Directory), Multifactor authentication, Federation services, authentication brokers

3) Senior level knowledge and experience with Identity and access management technologies and platforms including IGA/IAM/PAM/IDAAS solutions like IIQ Sailpoint, Lieberman, Cyberark, MS Azure, Ping Identity, MS Active Directory, RACF, credential life cycle management... Understanding IAM industry best practices.

4) Authentication and access controls Security services (Authentication and authorisation schemes, RBAC, ABAC, SSO, Risk based/Adaptive authentication, PKI...);

5) Application security knowledge is a plus;

Preferred professional certifications are CISSP, GIAC, ISO 27001 LA/LI. Specific Product certifications in the IAM domain are an asset.

More information is available on application