Identity and Access Managment Senior Manager
Dallas, TX 75202 US
Salary Range: $127, 961 - $170, 615
Location: Onsite (Dallas, TX)
Summary The IAM Senior Manager will be accountable for the organizational and technology roadmap, Capital and O&M budget execution, Vendor Management, production operations and will maintain all IAM Solutions. Additionally, this position is responsible for identification of innovative ideas, serving on internal committees to represent cyber security interests, execution of projects, monitoring the day to day operational impacts, managing the defect process from identification to complete resolution, identifying enhancement opportunities and collaborating directly with leadership of the Technology, Measurement & Customer Engagement. Manage the team that Researches, Develops, Implements, Maintains and audits the enterprise cyber security access controls for access management systems. Acts as contact with suppliers to develop technical access management solutions for computer security needs and makes recommendations to senior management. Leads the team responsible for project planning, delivery, trouble shooting, execution, monitoring, Root cause determination and control exercises in IAM areas . Provide security technical expertise and project leadership for the Identity and access management team. Review projects, new applications, legacy systems, and existing user access for appropriate security controls and segregation of duties. Create and/or provide recommended modification to existing policies, standards, procedures and guidelines related to user and system access.
Key Roles & Responsibilities
Directly or through others, the incumbent:
- With direction from the Capability owner and other Technology Leadership, leads cross functional teams to assess and anticipate current and future IAM Solutions requirements. Develops, maintains and leads the execution of a roadmap and implementation for these requirements for Identity and access management systems and IAM resources
- Responsible For Leading Identity management Operations;Access Control Management;and Management Of Security Solutions Platforms to help detect security risk, events and mis-use of access in the company.
- Leads the strategy execution of Identify and Access Management for Oncor and provide oversight for all security related access management changes.
- Manages the capability lines budget and makes informed and dynamic investment prioritization decisions and recommendations.
- Manages vendor relationships related to the IAM and evaluates vendor products and services within the Technology strategy, technology and capability objectives.
- Implements industry standards and development methodologies, including Agile and DevSecOps, within the capability line to increase its responsiveness and growth.
- Provide leadership and support for system maintenance activities and upgrades, including but not limited to, user acceptance testing, quality checks and deployment of new technologies
- Establish and provide control points and enforcement of security access controls across the enterprise
- Perform security reviews on projects and applications in relation to identity and access management systems
- Coordinates the capture and evaluation of access management key performance indicators (KPI), Knowledge and proficiency skills (KPS) metrics for reporting.
- Exercise compliance reviews and ensures processes and procedures are in compliance.
- Ensure users are aware of applicable requirements in Information Security policies
- Build and maintain relationship with users to increase cybersecurity awareness
- Formulates and defines system's scope and objectives based on both user needs and a good understanding of the application, business, operational and/or industry requirements
- Analyzes, defines, and prioritizes the business functional specifications for IAM initiatives. Helps to develops project scope, charter, constraints and assumptions for aligned projects
- Responsible for stakeholder relationships to establish project expectations and priorities, coordinates and reports on project progress and accomplishments to the project team stakeholders, and sponsors
- Centrally manages user identity and access entitlements review and certifications, as well as interfacing with internal partners and external vendors.
- Must understand all IAM functions including but not limited to user entitlement, over privilege, under privilege and anomalist access controls.
- Ability to work on Windows OS (active directory) and Linux environment is required
- Manage identity administration by securely provisioning user and machine identities and the permissions for access into systems, services and shared folders. Ensure that proper least privileged security settings are set up to reflect the best cyber posture and access needs.
- Administer end to end identity management processes along with monitoring the activity and expediency of requests for access.
- Leads the team responsible for the documentation, quality and communication of processes around digital identities and security for end user and machine accounts.
- Lead the process of defining, document, ensure quality of support for the Senior Leadership team.
- Lead the definition, communicate and continuously innovate the process by which Oncor personnel can authenticate through digital identities to support operations while remaining cyber safe.
- Lead the advancement of Identity Management in accordance with all company policies and procedures.
- Responsible for Problem management and incident lead for the systems under the IAM capability line.
- Lead and direct root cause analysis to assist in the resolution of application issues/defects and ensure the cyber operations groups are aware of the outcomes and can participate in lessons learned.
- Performs all essential aspects and functions of the job as well as any other specific job requirements
- Bachelors or Masters degree in applied Cybersecurity, Information Technology, Computer Science or a related field is preferred
- Industry recognized certification in security (e.G., CISSP, CCSP, CISA, CISM, CEH, etc.) is preferred
- High School diploma, GED, or equivalent required.
- 8 -10 years of experience with at least 3 years of leadership in the following IAM Functional areas: Access Management Identity Governance Directory Services, Identity Provisioning, Identity Management, Network Security.
- Minimum of 3-5 years successfully leading global delivery team and managing professional security practitioners.
- Operational ownership, knowledge and experience with privileged identity management, access governance and other IAM solutions such as Active Directory, Identity broker platforms, Privileges Account Management, Roles Based Access Controls etc.
- Direct Experience in Installation, Configuration, Operational management, and audit of security processes and standards is a preferred.
- Written/Verbal Communication, Information Security, General Technology environment knowledge
- Knowledge NERC/CIP, Energy Sector, and ICS (Critical Infrastructure) preferred
- Extensive experience in business and data analysis, documentation management/creation and user access review procedures
- Extensive knowledge and experience with privileged identity management, access governance and other IAM solutions.
- Must be able to review application user and access security settings and make recommendations for improvements
- Strong communications skills (written and verbal) to be able to work with technical and non-technical team members
- Ability to train, manage and assist co-workers and direct reports on all aspects of the identity program build and evolution
- Identify and resolve gaps in the business processes which may include security/authorization set-up, user documentation, data interface design, data migration and reconciliation
- Use Active Directory knowledge to manage access entitlements between diverse systems and users
- Maintain business Roles and all associated data, rules including roles based access bundling rules, and processes with a goal towards role-based access and least privilege
- Serve as a trusted adviser to the business stakeholders and understand their core business processes, business priorities which can be enhanced using IAM solutions
- Successful Identity and access management, solution architecture, and advise internal projects of varying size
- Executions on organization wide strategy and implementation plans including but not limited to Privileged Access Management, Single Sign On, Least Privilege, and IAM governance
- Define and implement long term sourcing strategy, KPIs, org goals and resource skills
- Create and maintain on-going capability line resource capacity views and a performance metric.
- Assist in alignment of overall security governance as it relates to IAM with IT architecture governance and project and portfolio management (PMO)
Measures of Success
- Compliance with technology security access management systems, policies and processes
- Minimized risks and security breaches
- Effective oversight of security posture regarding access management, policies and processes
- Integration and operation of IAM solutions, tools, and utilities
- Establishes departmental goals and objectives, functions with autonomy
- Ensures subordinate supervisors and professionals adhere to defined internal controls with a focus on policy and strategy implementation
- Manages systems and procedures to protect departmental assets and requires practical knowledge in leading and managing the execution of processes, projects and tactics within one area