IAM Engineer

Company Description

We are looking for a motivated Information Security Officer to support the Cyber Defense function worldwide, with a particular focus on Identity and Access Management (IAM).

You will join a diverse team of professionals to support internal customers in operational security tasks; you will also be responsible to ensure that identity/access operations meet business needs and security requirements.

As a subject matter expert, you will execute and improve operational IAM processes and controls, such as validations, certifications, and exception management.

The candidate we are looking for is an InfoSec enthusiast who can communicate in French or/and English and possesses excellent analytical skills, curiosity, and precision.

Job Description

You role will be to:

Cyber Defense advisory and support:

» Provide advisory and recommendations on cybersecurity topics to internal customers and affiliates;

» Communicate and collaborate at different levels of technical understanding, adapting communications based on the audience;

» Ensure that Information Security policies, standards and guidelines are applied effectively across all systems.

» Identify potential weaknesses and advise on mitigation and control measures;

» Track and follow-up on deviations from security policies and regulations; » Keep up-to-date with the latest security and technology developments. Identity and Access:

» Act as L2 escalation point for IAM, working closely with hands-on specialists and support staff;

» Assist users and provide guidance in access management processes; qualify user difficulties;

» Execute access review campaigns and assist stakeholders in the execution;

» Ensure stakeholder engagement in and awareness of IAM policies/procedures across all business lines.

» Monitor identity and access for anomalies and abuse of permissions;

» Investigate security alerts (e.g. credentials theft, identity usurpation) and raise them to the incident response team;

» Analyse, propose and implement improvements on IAM processes and procedures. Metrics and reporting:

» Generate and maintain KPIs/KRIs on operational security;

» Create dashboards for access review campaigns and other user access controls;

» Produce reports; summarize information for a wider audience. Knowledge management:

» Update and maintain procedures, wiki articles and internal training;

» Analyse and document new security processes when needed

Qualifications

Technical skillset:

» At least 4 (four) years' experience in a cybersecurity role

» Good understanding of cybersecurity fundamental concepts, the risks associated with different technologies and ways to manage them.

» Good knowledge of common security issues inherent to corporate environments.

» Experience with corporate operational processes and procedures.

» Prior experience in a multinational financial institution is an asset. The candidate has a relevant degree in Information Security or related disciplines, or possess equivalent field experience.

To succeed in this role, the candidate will demonstrate experience with cybersecurity operations, especially in the domain of Identity and Access. The following skills are required

» Broad knowledge of IT infrastructure technologies (Windows, *NIX, networking, databases, web technology, cloud architectures) and security technologies

» Knowledge of Identity and Access Management (IAM) processes and controls; IAM solutions and architectures such as Directory architectures, identity provisioning, RBAC, SSO, Identity protocols (OAUTH / SAML), web access management, PKI, privileged access management. » Working experience with IAM technologies (e.g. CA, Microsoft, SailPoint, IBM, Cyber Ark, Opentrust)

» Proficiency with Microsoft Office (in particular with Excel), SharePoint and PowerBI