Job description
Overview:
The Identity and Access Management (IAM) Architecture Team drives the IAM strategy within SMBC (Sumitomo Mitsui Banking Corporation). The candidate will report to the Head of IAM and will be expected to lead a team of talented Architects and Engineers who work closely with the Business, IT and IT Security teams to deliver strategic IAM solutions and maintain existing ones. The ideal candidate must be a subject matter expert in IAM, think strategically, encourage innovation and must be comfortable with managing people and technology.
The anticipated salary range for this role is between $228,000 and $253,000. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees.
The anticipated salary range for this role is between $228,000 and $253,000. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees.
Responsibilities:
- Head the Identity and Access Management (IAM) Architecture Team
- Establish processes that maintain systemic stability and sustenance of IAM products and services
- Partner with the group companies to set and adopt IAM strategies
- Mentor the team and provide guidance on People, Process and Technology issues.
- The point person for resolving Technology issues related to IAM.
- Establish, maintain IAM standards,
- Maintain and develop IAM Reference Architectures for B2A (Application Identities), B2B (Business Identities), B2C (Customer Identities) and B2E (Employee Identities) use cases.
- Modernize IAM Tools
- Collaborate with businesses to provide sustainable and future compatible IAM solutions to legacy applications, wherever possible.
- Strategize based on changes and the presence of regulatory and industry standards
- Oversee multiple requirements and projects
- Understand IAM products, protocols and be a Subject Matter Expert for anything IAM
- Ensure that Architecture Team collaborates with the operations team to operationalize the solution for long term sustainability
- Ensure IAM Processes are automated wherever possible
- Represent the IAM Architecture team in audits
- Champion the developed IAM solutions and ensure compliance with all applicable SMBC policies
- Research new IAM and Security technologies that can be applied to existing or emerging problems
- Experience in Leading IAM teams
- Strong understanding of Authentication, Authorization and Access Management flows
- Strong Knowledge of Azure and Microsoft Identity Products. Specifically Azure Active Directory, Azure Conditional Access, Azure Identity Governance, Azure Enterprise Applications, Microsoft Active Directory, Microsoft Identity Manager.
- SAML (Security Assertion Markup Language), Openid, Oauth
- Past or Current experience in Powershell and working knowledge of any one High Level Language like Python, Java, C#/Dot Net
- Knowledge of HTML, Javascript, HTTP, Kerberos, PKI, JSON, JWT, Webservices, LDAP V3
- Knowledge of Web Application Tech Stack (browsers, web servers, application servers, databases)
- Knowledge of IAM and security principles like Federation, RBAC (Role Based Access Control), PBAC (Policy Based Access Control), MFA (Multi Factor Authentication), encryption, PKI
- Hands-on with Diagramming tools like Visio or Lucidchart
- Privileged Identity and Secret management (Cyberark, Hashicorp Vault etc.)
- Experience in any one of the IDaaS products (Okta, Auth0, Ping One etc.)
- Implementation experience of MFA, step-up authentication, UEBA, Risk Based authentication products
- Knowledge of NIST Digital Identity Guidelines, FFIEC Cybersecurity Guidelines (including Assessment Tools)
- Knowledge of any one of the Identity Governance products (RSA Securid Governance Lifecycle/Aveksa, Sailpoint, Saviynt etc.)
- Any one WAM and Federation products (PingAccess, Siteminder, Oracle Access Manager, IBM Tivoli Access Manager/Security Access Manager etc.) preferred
- Familiarity with DevOps tools preferred
- Knowledge of TOGAF, SABSA, COBIT architectural frameworks and artifacts preferred
- Experience with Unix environment preferred.
- Knowledge of Containerization technologies like Docker and Kubernetes
- Excellent communication skills and Collaborative attitude.
- Bachelor’s (Computer Science preferred)
- CISSP or other Information Security related certification preferred
seankuhnke.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, seankuhnke.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, seankuhnke.com is the ideal place to find your next job.