Job Description
Manager, Identity & Access Management – Remote #1343
Atlanta, GA
Area Of Interest: Information Technology
Position Type: Full-time
Position Description
This position is a remote role, open anywhere throughout the United States.
Job Summary
The Manager, IAM Services position is an advanced role requiring leadership and team management skills, along with technical and analysis expertise. The Manager, IAM Services leads a team of individuals in the design, analysis, operation, administration, and governance of the Identity and Access Management program at the American Cancer Society (ACS). This role is tasked with ensuring IAM services are applied to society-managed assets as well as vendors and other third-party entities. The role requires ensuring that a large, multi-faceted IAM program is in place governing provisioning, access, single sign-on (SSO), directory services and technical integrations, as well as supporting behavioral analytics.
The ideal candidate possesses at least 5 years’ experience in technology and security administration across medium to large networks, including third-party entities. Additionally, as a senior member of the team, the role requires leadership skills to coach and mentor less experienced staffers. The Manager, IAM Services is expected to manage the team and execute the security strategy as directed by the Director, IT Security Risk Management. Consequently, the Manager, IAM Services must identify and effectively communicate an actionable workload for team members that adheres to business initiatives balancing business risk and IAM security best practices. The Manager, IAM Services is a subject matter expert for colleagues and is expected to deliver on line-of-business expectations.
Major Responsibilities
- Manage a team of IAM analysts and professionals tasked with the deployment of identity and access controls across the enterprise.
- Direct employees to implement IAM solutions that align with access policies and processes.
- Ensure employees maintain up to date IAM program documentation for systems and processes. Rigorously maintain security systems and administer security configurations that reduce risk to enterprise systems and accounts.
- Lead the team through IAM governance, policies and solutions across SSO, directory, certificate, multi-factor authentication (MFA), privileged accounts, automation and behavior analytic systems.
- In tandem with business units, support business metrics associated with IAM initiatives, and the efficacy of IAM controls based on the CIS Critical Security Controls and the NIST Cybersecurity Framework.
- Manage team member access across organizational systems as well as external entities.
- Align operational policies and procedures in tandem with business leaders and technology partners.
- Construct and carry out a strategic vision for rigorous and scalable IAM controls with key performance indicators.
- Supervise routine access reviews that align with business unit ACS policy requirements.
- Work in tandem with security leadership for annual strategic technology and budgetary directives.
- Serve as a team lead and initial point of contact for incident response analysts, security operations center (SOC) analysts, application engineers and security management.
- Attend change and project management meetings and engage with other participants.
- Liaison with auditors, both internal and external, to maintain and implement controls for compliance and privacy laws.
- Work with the Director, IT Security Risk Management to develop roadmap for the IAM program.
- Act as a primary point of contact for disaster recovery and business continuity.
- Perform other duties as assigned.
Position Requirements
Formal Knowledge
- At least 5 years’ experience in cybersecurity, with at least 3 years in IAM.
- Highly analytical, with a proven deep background in IAM technology design, implementation and delivery.
- Experience and understanding of various regulatory requirements and laws such as, but not limited to, Payment Card Industry (PCI), Federal Financial Institutions Examination Council (FFIEC), Sarbanes-Oxley (SOX), Health Information Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR) and Gramm-Leach-Bliley Act (GLBA). Additionally, experience in one or more of the following is required: ISO 17799, ITIL or NIST.
- Experience in IAM solutions both on-premises and in the cloud.
- Extensive knowledge of SSO, MFA, Active Directory (AD), public key infrastructure (PKI), privileged accounts and integration application program interface (API) capabilities.
- Experience administering IAM systems, access controls, security and risk management, as well as a security governance framework at scale.
- Track record acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
- A least a BS (or equivalent) in Computer Science, Information Systems, software development, or another related field is required
- Demonstrated knowledge of IT Security process frameworks, NIST CSF, CIS Critical Security Controls, and PCI Data Security Standard.
- Broad range of knowledge, including both technical and non-technical facets of IT internal controls and compliance, including logical and physical controls for applications, infrastructure, and e-Commerce. Knowledge of industry best practices and standards for IT Security and Risk Management.
Specialized Training or Knowledge
- Security certification such as Security +, CISSP, CISM, CRISC, or CISA desired
The full compensation range established for this position begins at a minimum of $115,000 annually.* Actual starting pay may differ based on non-discriminatory factors including, but not limited to, geographic location, experience, skills, specialty, and education.
The American Cancer Society has adopted a vaccination policy that requires all staff, regardless of position or work location, to be fully vaccinated against COVID-19 (except where prohibited by state law).
ACS provides staff a generous paid time off policy; medical, dental, retirement benefits, wellness programs, and professional development programs to enhance staff skills. Further details on our benefits can be found on our careers site at: jobs.cancer.org/benefits. We are a proud equal opportunity employer.