Job Purpose

Lead and oversee Identity and Access Management (IAM) initiatives for both IT and OT environments. The IAM Senior Manager in Information Security optimizes and manages identities and access for individuals and entities by implementing identification, authentication, authorization, permissions, and privileged access controls. This includes overseeing Bring Your Own Device (BYOD) policies, access rights, and user account systems and processes. The role ensures strict enforcement of cybersecurity standards and compliance while safeguarding data protection and managing privileged access.

Position Accountability Description

Strategic Leadership
1. Develop and implement a strategic IAM (Identity and Access Management) roadmap aligned with the organization's cybersecurity goals, ensuring robust access control and cybersecurity measures across all systems and applications. 
2. Oversee daily operations by managing team activities, resolving issues, and ensuring adherence to IAM policies, ensuring smooth and efficient departmental functioning. 
3. Establish and monitor key performance indicators (KPIs) to measure the effectiveness of IAM processes and drive continuous improvement in access control, compliance, and cybersecurity. 

Operational Excellence 
4. Manage daily operations by overseeing team activities related to IAM, resolving issues, and ensuring adherence to policies, thereby maintaining smooth and efficient departmental functioning and minimizing disruptions. 
5. Monitor and evaluate user provisioning processes and access request workflows, ensuring timely and accurate execution, and reducing the risk of errors or unauthorized access, thus optimizing operational efficiency. 
6. Lead the regular review and update of access control policies and procedures, ensuring they remain aligned with industry best practices and organizational needs, to maintain a robust and efficient IAM framework. 
7. Lead ongoing access reviews and certifications, ensuring that permissions and access rights are correctly aligned with current roles and responsibilities, reducing unnecessary access and improving overall system cybersecurity. 
8. Manage the optimization of IAM technologies and tools by staying informed about the latest industry trends and integrating advanced solutions to enhance operational efficiency, cybersecurity, and user experience. 
9. Guide the definition, establishment and maintenance the Identity and Access Management solutions.
10.Manage and execute identities and roles based on approved Segregation of duties (SoD) business Matrix.
11. Oversee Identity Governance and Administration (IGA) by ensuring the implementation and maintenance of effective policies, procedures, and technologies that manage user identities, roles, and access rights across the organization. Ensure compliance with regulatory requirements and internal cybersecurity standards while optimizing the lifecycle of user access. 
12. Manage ERP Governance, Risk, and Compliance (GRC) access controls by implementing and monitoring cybersecurity measures that safeguard sensitive enterprise resource planning (ERP) systems. Permissions across IT and OT environments. 
13. Ensure that the IAM strategy is embedded in the various cybersecurity domains. 
14. Define, establish, and maintain the Identity & Access Management (l&AM) solutions architecture in a holistic manner, with coverage across technology, process, and people components. 
15. Manage the Design, implementation & monitoring of ERP cybersecurity processes and authorization concepts. 
16. Manage day-to-day support of ERP GRC (Governance Risk & Compliance) Access Controls. 
17. Lead the enhancement process for the IAM solutions.

Minimum Job Requirements

Skills Description 
(Identity and Access Management) expertise, Strong knowledge of cybersecurity principles, Experience with risk management and compliance, Leadership and team management skills, Strong communication and interpersonal skills, Problem-solving and critical thinking abilities, Project management skills, certified in relevant cybersecurity certificates (e.g., Certified Information Systems Security Professional - CISSP), Knowledge of cybersecurity regulations and best practices. 

Competencies