Information Security Architect - IDAM
With Dechert LLP in Philadelphia, PA, US
Posted on March 13, 2019
About this job
Job type: Full-time
Role: System Administrator
security, sysadmin, web-services
The Information Security Architect – IDAM is an advanced role requiring deep technical and process expertise in Identity and Access Management as well as leadership, collaboration and indirect management skills. The IDAM Architect coordinates closely with architecture and engineering resources in security, network, systems and desktop to own and manage a multi-faceted IDAM program including provisioning, access, single sign-on (SSO), multi-factor authentication, privileged access management, biometrics, public-key infrastructure, directory services, group policy, identity-related integrations, behavioral analytics and other IDAM-related technologies and functions.
The ideal candidate has a deep understanding of IDAM strategy, processes and tools and also brings a strong background as an information security generalist (e.g., experience in network or systems security architecture / engineering).
The IDAM Architect is a thought leader within the Information Security function and is expected to own and advocate for IDAM strategy across numerous Firm functions and technologies, to foster collaboration and build strong relationships, and to mentor and guide other staff, both within the security team and in the wider IT team. The Dechert security team values and is committed to fostering a cooperative leadership and learning environment from every chair, regardless of title.
ESSENTIAL JOB FUNCTIONS:
- Create, maintain and own the firm’s Identity and Access Management (IDAM) programs, strategies, policies, standards, guidelines, procedures and roadmap.
- Lead and drive identity-related projects and initiatives across various IT teams, including security architecture/engineering, security operations, network/systems/workstation engineering, IT Operations and other IT teams to ensure consistent standards and practices related to IDAM and Information Security.
- Identify and leverage technologies, vendors and partner resources to ensure consistent identity management practices in on-premise identity stores, cloud-based or non-Firm environments, integrations with the Firm’s SSO infrastructure, privileged access management and alignment with Firm’s policies related to IDAM.
- Serve as an adviser to the Third-Party Risk Management program, as appropriate to the scope of this role.
- Advise the Information Security Governance, HR and IT Training teams to ensure appropriate coverage of IDAM-related topics in the Security Awareness curriculum.
- Serve as an adviser and Subject Matter Expert for attorneys, case teams and administrative business functions on Information Security and IDAM concepts.
- In collaboration with other members of the security team, facilitate Risk Assessments of projects, technologies and the Information Security of the Firm.
- Serve as a Subject Matter Expert during Roadmap planning for the security team and IT as a whole, to advocate for and ensure appropriate coverage of the IDAM and Information Security programs.
- In collaboration with other members of the security team, develop, own and periodically produce metrics for the IDAM program and the Information Security program as a whole.
- Coordinate with Security Operations to ensure appropriate monitoring and incident response capability related to IDAM.
- Other duties as assigned or appropriate.
QUALIFICATIONS / KSAs
- Bachelor’s degree or equivalent experience preferred.
- 7-10 years of relevant experience.
- Broad and deep technical security background in IDAM-related areas as well as Information Security more generally.
- Strong understanding of core identity and access management concepts and technologies, including provisioning, access, single sign-on (SSO), multi-factor authentication, privileged access management, biometrics, public-key infrastructure, directory services, group policy, identity-related integrations, behavioral analytics and other IDAM-related technologies and functions.
- Experience with on-premise and cloud-based identity integrations, for example between Active Directory and cloud-based HR and SSO tools, Microsoft Azure identity and other similar technologies.
- Experience designing and administering IDAM systems, access controls, security and risk management as well as a security governance framework at scale.
- Demonstrated personal integrity, ability to handle confidential matters professionally and with discretion. Sound judgment and decision-making commensurate with the position and its responsibilities.
- Strong written and verbal communications skills. Ability to explain deeply technical concepts to non-technical audiences and advocate effectively for the IDAM program with both technologists and senior management.
- Excellent time management skills to effectively manage multiple and sometimes competing priorities. Ability to work calmly under pressure.
- Strong analytical, process and troubleshooting skills.
- The desire, commitment and ability to be a team player. Ability to manage expectations, align different points of view and gain consensus.
- Advanced security-related certification is a plus, e.g., ISC2 CISSP, SANS GSEC, ISACA CISM or similar.
- Experience with one or more common security frameworks preferred, for example: ISO 27001:2013, NIST, CSF, Center for Internet Security (CIS) or SOC 2.