Identity and Access Management (IAM) Governance Expert

Descrizione del lavoro:

Security & Resilience is the core team and central driver for Information Security at (COMPANY NAME) Technology. The function is tasked to continue developing a strong security organization by establishing global security solutions and countermeasures and to oversee the effectiveness and guide the implementation of security controls. The Identity and Access Management (IAM) Governance Expert holds a key role within the IAM Governance Team, which is part of the global (COMPANY NAME) Technology Information Security (IS) Function, led by the (COMPANY NAME) Technology Chief Information Security Officer (CISO).

The (COMPANY NAME) Technology IS Function ensures that information security risks that may impact the successful delivery of the company's Services and Products and further the business objectives of (COMPANY NAME) are identified and properly addressed. It ensures that (COMPANY NAME) information is adequately protected from cyber-attacks, in line with internal and external, legal, and regulatory requirements. An excellent and proactive IAM is key to survive in times of increasing professional cyber criminality and meeting regulatory expectations with regard to effective Cyber Security (e.g., EU-TIBER, VAIT, DORA).

You will

* Contribute to the project team to set up the IAM Governance Function within (COMPANY NAME) Technology in close collaboration with (COMPANY NAME) SE Group IAM Governance and the Group project.

* Set up an implementation roadmap and ensure the roll-out and implementation of the IAM TOM within (COMPANY NAME) Technology in alignment with Group IAM Governance Team.

* Ensure the effective implementation of Information Security principles and procedures, adapt the IAM TOM and Group IS Practice for IAM to local regulatory requirements of (COMPANY NAME) Technology SoG, as well as develop and update specific policies accordingly.

* Manage and orchestrate actions resulting from audits and assessments, as well as interact with other Safeguarding Functions and External Audits to ensure IAM Model is maintained correctly and in line with local regulatory requirements and industry security standards.

* Ensure that IAM is successfully delivered within (COMPANY NAME) Technology locally, develop status & progress reporting.

* Manage Security Risk, by supporting the life cycle of security risk assessments, assessing and addressing deviations from security policies and contractual security provisions, and developing effective strategies to mitigate identified information security risks.

* Identify protection goals, objectives, and metrics, systematically assess the effectiveness of security controls for IAM processes and Services.

* Ensure close collaboration and support IAM Business Operations with expertise on OE IAM-related local regulation and preparation of exception requests to Group IAM Governance.

* Provide expertise around IAM TOM and liaison with all relevant stakeholders.

* Formulate business requirements and steer demands related to the local IAM (LIAM) system of (COMPANY NAME) Technology and interact with IAM Tech counterparts as Business Owner for LIAM.

Your skills

* University degree (primarily in Business Administration, Computer Science, Business Information Systems, or related field), or equivalent professional experience with a long track record of experience in IT; 5 years+ experience in Information Security related fields, Governance and/or Risk Management.

* Professional experience in Information Security Governance and Identity and Access Management. Background in Identity Governance Administration (IGA) and related IAM architectures and market tools.

* Familiarity with regulatory compliance requirements and industry standards (GDPR, VAIT, ISO2700x, COBIT framework).

* Proven track record and experience in developing Information Security rules, policies, and procedures.

* Sound knowledge of IT security technology, architecture and processes and profound knowledge of information security management systems and relevant industry standards.

* Practical experience in implementing Information Security Governance and management systems, knowledge of Governance, Risk and Compliance (GRC) tools and related processes.

* Successful track record in process and organizational management, as well as running projects in large and diverse international organizations.

* Professional certifications in Information Security (e.g., ISO2700x, COBIT, CISM, CRISC, CISA, CISSP, CRM), Process and Service Management (e.g., ITIL), as well as Project Management (e.g., PMI, PMP, Prince2) or similar are a plus.

* Ability to cope with high workload, and being able to exercise good levels of independence, judgment, and initiative. High quality of analytical and soft skills.

* Proficient in English (good command in German is a plus), excellent international communication skills including the abilities to prepare professional documentation for various audiences and senior management and to communicate effectively with C-level executives.

* Project management and/or leadership experience in complex enterprise environments, preferably in agile teams, is a plus.

Your benefits

* We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad

* We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location)

* From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered

* Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach

About (COMPANY NAME) Technology

(COMPANY NAME) Technology is the global IT service provider for (COMPANY NAME) and delivers IT solutions that drive the digitalization of the Group. With more than 12,000 employees located in 51 countries around the globe, (COMPANY NAME) Technology works Internal together with other (COMPANY NAME) entities in pioneering the digitalization of the financial services industry.

We oversee the full digitalization spectrum - from one of the industry's largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction.

In short, we deliver full-scale, end-to-end IT solutions for (COMPANY NAME) in the digital age.

D&I statement

(COMPANY NAME) Technology is proud to be an equal opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life.

Join us. Let´s care for tomorrow.

You. IT

31055 | Ingeniería informática y tecnológica | Profesional / Senior | Non-Executive | (COMPANY NAME) Technology | Jornada completa | Indefinido