Identity and Access Manager Leader recruitment

DEPARTMENTAL DESCRIPTION

Information Security team is part of the operational risk management division and is responsible for managing IT Security and information risks by:

 Protecting confidentiality, availability, traceability and integrity of Societe Generale US, Canada and Brazil data, information and information systems, bank’s reputation.

 Preventing internal frauds and external attacks.

 Information security team has been organized around various areas of expertise; one of them is user identity and access management (IAM).

The IAM team within SAFE/FIS/AME is responsible for:

 Defining Identity and access management policies.

 Managing through global and local tools internal and external users’ access rights to our information systems

 Integrating business applications to single-sign-on solutions (SSO).

 Performing user entitlement review in order to ensure the accuracy and relevance of users’ access rights

 Providing expert opinion on sound remediation of identified risk exposure.

 Integrating regional requirements (business or regulatory) on global projects led by our Paris based Headquarter.

 SG Americas Information Security team is seeking for an experienced IAM Leader to join its regional IAM team.

 RESPONSIBILITIES

The Identity and Access Management leader (IAM Leader) is responsible for hands-on design, development, testing and implementation of custom workflows, automated provisioning and other tasks in Identity and Access Management (IAM) solutions.

He/she will work with business users and business analysts to design solutions, supply work estimates for tasks, develop/configure workflows and provisioning in accordance to Societe Generale global standards for IAM, internal policies and industry best practices.

The IAM Leader will act as a subject matter expertise in business and IT user access management, single-sign-on integration, smart card management, and will provide a holistic view to Information Security management on current risk exposure, options for remediation, and compliance level with internal policies. He/she will also be the liaison with IAM global leaders in other regions to ensure alignment of objectives, and solutions globally.

The IAM Leader implements, maintains, and manages an Identity and Access Management (IAM) system for a centralized and role based user provisioning and de-provisioning program, assists in coordination of technical external audits of local security initiatives around applications and web application security with various internal departments, collaborates with Policy, Awareness Compliance and Application Security teams to ensure operational procedures are in alignment with IAM policy, regulatory, and business requirements.

 COMPETENCIES

Required/Must have:

 Identity Management familiarity in one or more of the following areas:

 o Single Sign On

 o Enterprise Directory Architecture and Design

 o Resource Provisioning

 o Role Base Access Control

 o User entitlement review

 o IT user profile management and access requirements

 Ability to operate effectively in a matrix, multi-cultural and global organization.

 Strong leadership and influence skills to achieve sustainable results in a distributed team without formal authority.

 Ability to overcome resistance to change.

 Experience facilitating business process design as it relates to managing identities and access privileges

 Experience developing identity management governance plans

 Experience in preparing and presenting briefings to senior managers with various background (IT or business).

 Experience with one or more directories such as Active Directory and LDAP

 Ability to assist in the development for information security and identity management best practices guide

 Ability to multi-task with very strong attention to details

 Ability to handle sensitive matters with discretion and maintain confidentiality

 Strong oral and written communications skills

 PRIOR WORK EXPERIENCE

Previous Experience:

 7+ years of experience in developing, implementing or architecting information systems

 5+ years technical architecture experience integrating identity and access management software into IT infrastructure and applications • 5+ years experience in the following:

 o Design, implementation, and maintenance of complex information security solutions.

 o Coordinate activities with other technical personnel as appropriate during all phases of project development lifecycle.

 Supervisory experience and demonstrated leadership capabilities required

 Provides technical leadership to internal and external personnel on information security, identity management and access and enterprise application integration processes.

 Mentors and provides guidance to less experienced personnel.

 Ability to take a broad view of his/her position and take initiative to communicate, interact and cooperate with others.

 Demonstrated ability to write report segments and to participate in presentations

 Ability to work as a member of a team and independently

 Ability to work together with and lead a small team

 Strong potential for growth and acceptance of additional responsibilities

 EDUCATION

Required/must have:

Bachelor degree (or equivalent) in Computer Science, Engineering or business administration.

Strong interest in Information Security, information risk management in capital market/finance industry.

Security certification required (CISSP, CISM, CISA, CRISC or equivalent)