Manager, Identity and Access Management
Apply NowCompany: Allison Transmission Holdings, Inc
Location: Indianapolis, IN 46227
Description:
JOIN THE TEAM THAT'S POWERING PROGRESS
Building cities. Driving commerce. Saving lives. For over 100 years, Allison Transmission has powered the vehicles and technology that move our world forward.
What powers us? Our employees. From the first person hired by James Allison in 1915 to the thousands across the globe who work for Allison today, we're driving progress everywhere because we employ top talent worldwide.
Learn more about this role and how you can begin driving your career forward!
Benefits:
The below list features some of the benefits currently available. Eligibility may be subject to the terms and conditions of governing documents and available benefits may be subject to change at the company's discretion.
Job Description:
The Identity and Access Management (IAM) Manager is an integral part of the IT Security organization and will be the subject matter expert for core aspects of the IAM program across the global organization. This role will be responsible for advising leadership on ways to evolve our IAM strategy. This role protects the brand, company, and employees defining and promoting an IAM strategy that adapts to address continually evolving threats. This position will drive measurable operational process improvements and IAM technology projects in collaboration with multiple teams within Allison. This individual will promote corporate IAM standards to stakeholders within the organization. This position will also assist in monitoring the environment (incidents and events) for signs of trouble and be able to work with the IT Security Operations Team when a high-risk alert occurs or when there is a suspected attack. A key part of the role will also include extensive collaboration with Security Governance, Risk, and Compliance (GRC), architects, developers, vendors, and business units to constantly improve the overall security posture at Allison Transmission. We're looking for a team player with highly technical, analytical, and communication skills to deliver IAM security best practices across Allison Transmission.
Key Responsibilities
This is an active, hands-on role, responsible for end-to-end management, planning, design, development, and the support of the IAM function and all its components including oversight to the CIAM, IGA and PAM program, daily operations, ticket resolutions, delivery, client interaction, execution, monitoring, and people management
Prepare and maintain Information Security technology "roadmap" as it relates to IAM ensuring alignment to business objectives
Provide oversight of planning, build, implementation, and operation of the underlying technology platforms and processes across the IAM spectrum, including Identity Management, Access Request, Access Governance, Provisioning, Single-Sign on, MFA controls, Privileged Account Management, and other required components
Develop, maintain, and facilitate the adoption of IAM standards, processes, and procedures
Lead the coordination and response to IAM regulatory, audit, and compliance requests
Manage application certifications and attestations
Work across IT teams to deliver IAM best practices for on premise and cloud-based solutions for employees, contractors, vendors, and customers
Drive the implementation of least-privilege-based IAM solutions
Create business cases with leadership to secure resources, implement initiatives, and deliver expected results and business value
Drive initiatives to transform IAM provisioning and lifecycle management, leveraging self-service and automation capabilities to enable a frictionless user experience
Present IAM metrics and maturity indicators to leadership monthly
Participate as an active member of the Cyber Security Incident Response Team
Develop and direct IAM technical team in the investigation and resolution of complex privacy, security, and access management problems
Participate in triage and outage calls, work with the team to come up with root cause analysis, actively engage in incidents raised and escalation as needed
Directs business IT application teams on access management technology issues and opportunities
Identify, evaluate, and develop opportunities for process improvement, training, and awareness materials to educate users on IAM policies and practices
Work with global organization to ensure that security needs are met and integrating security into the overall business strategy
Prepare reports and artifacts for internal and external audits
Strong understanding of NIST, SOX, EU-GDPR regulations
Own the identity management policies and processes globally, maintaining applicable compliance across the organization (i.e., NIST, SOX, etc.)
Remain current on evolving security technologies related to IAM, including the identification of changes and trends in cybersecurity with the ability to inform senior management of both impact and recommendation of these changes
Plan and prioritize new application onboardings and coordination with IT projects and M&A activity
Qualifications
Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline.
One or more of the following Information Security Certifications is highly desired:
o Certified Identity and Access Manager (CIAM)
o Certified Information Systems Security Professional (CISSP)
o Certified Access Management Specialist (CAMS)
o Certified Identity Governance Expert (CIGE)
o Certified Identity Management Professional (CIMP)
o Certified Identity and Technology Technologist (CIST)
o Certified Information Security Manager (CISM)
o Certified Information Systems Auditor (CISA)
Experience
Required:
At least 7+ years' experience in cybersecurity, with at least 5 years in IAM
At least 2 years in a supervisory / lead role
Good understanding of Sarbanes Oxley and NIST compliance and information security policies and procedures.
Working knowledge of IAM infrastructure, including Identity Governance & Administration, AD/LDAP, Federation, Multi-Factor Auth, Customer Identity and Access Management (CIAM), and Privileged Access Management
Deep understanding of IAM technologies, controls, and best practices (OKTA, SAP, SailPoint, LDAP, directories, certificates, SAML/OAUTH, MFA, Adaptive Authentication, PKI, IGA, and IdP)
In-depth understanding of authentication, authorization, role-based access, least privilege and segregation of duties access control concepts
Knowledge of Active Directory concepts, including users, computers, groups, policies, Cloud Infrastructure, Database, and Identity technical concept.
Experience capturing IAM use cases and defining IAM requirements and processes
Experience deploying and managing Role-Based Access Control (RBAC) preferred
Experience implementing cloud identity management
Allison Transmission is an equal opportunity employer. We have opportunities for all qualified applicants regardless of age, race, color, sex, religion, creed, national origin, disability, sexual orientation, gender identity/expression or veteran status.
If you are an individual with a disability or a disabled veteran requiring assistance and/or reasonable accommodations reviewing any of the careers information, please contact us at ati+ask4max@service-now.com.
Please note that Allison Transmission will make an offer of employment only to individuals who have applied for a position using our official application. Be on alert for possible fraudulent offers of employment. Allison Transmission will not solicit money or banking information from applicants.
Building cities. Driving commerce. Saving lives. For over 100 years, Allison Transmission has powered the vehicles and technology that move our world forward.
What powers us? Our employees. From the first person hired by James Allison in 1915 to the thousands across the globe who work for Allison today, we're driving progress everywhere because we employ top talent worldwide.
Learn more about this role and how you can begin driving your career forward!
Benefits:
The below list features some of the benefits currently available. Eligibility may be subject to the terms and conditions of governing documents and available benefits may be subject to change at the company's discretion.
- Choice of medical plans with prescription coverage
- Employer HSA contribution
- Dental & Vision Insurance
- Paid Parental Leave
- Short & Long-Term Disability
- Other voluntary benefits including: Critical Illness, Hospital Indemnity, Identity Theft Protection and Pet Insurance
- 401K with generous Company match & contribution
- Accrued Paid Time Off
- 12 Paid Holidays
- 8 hours paid volunteer time per year
- Robust employee wellness program
- Tuition assistance program & Dependent scholarship program
- On-site blood drives
- Voluntary employee groups open to all who wish to participate, including: Global Women's Network, Emerging Professionals ERG, Multicultural ERG, Veterans ERG, Toastmasters Club, and more.
Job Description:
The Identity and Access Management (IAM) Manager is an integral part of the IT Security organization and will be the subject matter expert for core aspects of the IAM program across the global organization. This role will be responsible for advising leadership on ways to evolve our IAM strategy. This role protects the brand, company, and employees defining and promoting an IAM strategy that adapts to address continually evolving threats. This position will drive measurable operational process improvements and IAM technology projects in collaboration with multiple teams within Allison. This individual will promote corporate IAM standards to stakeholders within the organization. This position will also assist in monitoring the environment (incidents and events) for signs of trouble and be able to work with the IT Security Operations Team when a high-risk alert occurs or when there is a suspected attack. A key part of the role will also include extensive collaboration with Security Governance, Risk, and Compliance (GRC), architects, developers, vendors, and business units to constantly improve the overall security posture at Allison Transmission. We're looking for a team player with highly technical, analytical, and communication skills to deliver IAM security best practices across Allison Transmission.
Key Responsibilities
This is an active, hands-on role, responsible for end-to-end management, planning, design, development, and the support of the IAM function and all its components including oversight to the CIAM, IGA and PAM program, daily operations, ticket resolutions, delivery, client interaction, execution, monitoring, and people management
Prepare and maintain Information Security technology "roadmap" as it relates to IAM ensuring alignment to business objectives
Provide oversight of planning, build, implementation, and operation of the underlying technology platforms and processes across the IAM spectrum, including Identity Management, Access Request, Access Governance, Provisioning, Single-Sign on, MFA controls, Privileged Account Management, and other required components
Develop, maintain, and facilitate the adoption of IAM standards, processes, and procedures
Lead the coordination and response to IAM regulatory, audit, and compliance requests
Manage application certifications and attestations
Work across IT teams to deliver IAM best practices for on premise and cloud-based solutions for employees, contractors, vendors, and customers
Drive the implementation of least-privilege-based IAM solutions
Create business cases with leadership to secure resources, implement initiatives, and deliver expected results and business value
Drive initiatives to transform IAM provisioning and lifecycle management, leveraging self-service and automation capabilities to enable a frictionless user experience
Present IAM metrics and maturity indicators to leadership monthly
Participate as an active member of the Cyber Security Incident Response Team
Develop and direct IAM technical team in the investigation and resolution of complex privacy, security, and access management problems
Participate in triage and outage calls, work with the team to come up with root cause analysis, actively engage in incidents raised and escalation as needed
Directs business IT application teams on access management technology issues and opportunities
Identify, evaluate, and develop opportunities for process improvement, training, and awareness materials to educate users on IAM policies and practices
Work with global organization to ensure that security needs are met and integrating security into the overall business strategy
Prepare reports and artifacts for internal and external audits
Strong understanding of NIST, SOX, EU-GDPR regulations
Own the identity management policies and processes globally, maintaining applicable compliance across the organization (i.e., NIST, SOX, etc.)
Remain current on evolving security technologies related to IAM, including the identification of changes and trends in cybersecurity with the ability to inform senior management of both impact and recommendation of these changes
Plan and prioritize new application onboardings and coordination with IT projects and M&A activity
Qualifications
Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline.
One or more of the following Information Security Certifications is highly desired:
o Certified Identity and Access Manager (CIAM)
o Certified Information Systems Security Professional (CISSP)
o Certified Access Management Specialist (CAMS)
o Certified Identity Governance Expert (CIGE)
o Certified Identity Management Professional (CIMP)
o Certified Identity and Technology Technologist (CIST)
o Certified Information Security Manager (CISM)
o Certified Information Systems Auditor (CISA)
Experience
Required:
At least 7+ years' experience in cybersecurity, with at least 5 years in IAM
At least 2 years in a supervisory / lead role
Good understanding of Sarbanes Oxley and NIST compliance and information security policies and procedures.
Working knowledge of IAM infrastructure, including Identity Governance & Administration, AD/LDAP, Federation, Multi-Factor Auth, Customer Identity and Access Management (CIAM), and Privileged Access Management
Deep understanding of IAM technologies, controls, and best practices (OKTA, SAP, SailPoint, LDAP, directories, certificates, SAML/OAUTH, MFA, Adaptive Authentication, PKI, IGA, and IdP)
In-depth understanding of authentication, authorization, role-based access, least privilege and segregation of duties access control concepts
Knowledge of Active Directory concepts, including users, computers, groups, policies, Cloud Infrastructure, Database, and Identity technical concept.
Experience capturing IAM use cases and defining IAM requirements and processes
Experience deploying and managing Role-Based Access Control (RBAC) preferred
Experience implementing cloud identity management
Allison Transmission is an equal opportunity employer. We have opportunities for all qualified applicants regardless of age, race, color, sex, religion, creed, national origin, disability, sexual orientation, gender identity/expression or veteran status.
If you are an individual with a disability or a disabled veteran requiring assistance and/or reasonable accommodations reviewing any of the careers information, please contact us at ati+ask4max@service-now.com.
Please note that Allison Transmission will make an offer of employment only to individuals who have applied for a position using our official application. Be on alert for possible fraudulent offers of employment. Allison Transmission will not solicit money or banking information from applicants.