IAM Consultant required. An IAM Consultant is required by one of Montash's clients, a leading financial institution based in Cardiff, on an initial six month contract.
The IAM Consultant, will be focussed on the ownership of the IAM (Identity and Access Management) Service; acting as its owner within the architectural model and the Security Management team.
You will be expected to possess and maintain an in-depth knowledge of the full IAM stack and originate (and lead the implementation of) enhancements to all aspects of the Service. Throughout the system's life, it is highly likely that at least some aspects of the Service will be delivered via third parties.
Although you will be supported by colleagues within Procurement and Operational teams, you will be expected to possess strong Vendor Management skills and to achieve best value from not only internal, but external resources supporting the Service.
Main responsibilities for the IAM Consultant include:
- Key Security Management point of contact for all matters relating to IAM.
- Provisioning of Access Control measures, ensuring that they meet not only the business needs, but also legal, regulatory and compliance requirements and that these are suitably audited.
- Providing support to Projects and other requests from the Business, to provide practical, realistic advice as to how to meet Business needs, whilst reducing the level of risk.
- Determining and maintaining the correct Architectural model of the IAM solution and ensuring that this aligns to the broader Shared Components Architecture
- Act as SME for related technical disciplines that support IAM, such as Access Control using LDAP, RADIUS, Two-Factor Authentication, etc.
- Providing the necessary information, documentation and guidance to allow other systems and applications teams to integrate with IAM in a way that is flexible, sustainably maintainable and easily reproducible.
- Participate in the broader IT ecosystem and lead the changes necessary to the IAM platform, to ensure that it is suitably adapted to meet the changing needs as new technologies are adopted and integrated (EG Cloud, BYOD, implementation of U2F, etc.)
- Act as a main point of contact for engagement with stakeholders who consume, or otherwise rely upon, IAM services and ensure that the resultant IAM strategy is the correct balance of all parties' interests.
- Work with the Controlling team to manage not only the budget for the IAM suite (and spend relating to its maintenance), but also to provide realistic and fair cross-charging models, to ensure that development of new features and capabilities is funded with good cost-transparency, in order to ensure that resources are spent optimally.
- Increasingly, as the company grows its technology offerings, there is a need to seek to fulfil Services via third parties. This creates a need for Vendor Management skills and even overseeing third party employees delivering services in a supervisory capacity.
- Although your core focus will be IAM, you will be expected to have at least a rudimentary understanding of all facets of Information Security and to remain abreast of Information Security (and general technological advances and their implications for Information Security) both internally and in the broader cyber security ecosystem.
Key skills for the IAM Consultant include:
- Relevant IAM, Information Security and general Information Technology knowledge. Applicants able to demonstrate this experience and knowledge, but lacking the relevant certifications will be considered, but will be required to attain relevant qualifications (CIGE, CIST, CIAM, CIMP, CAMS, CAP, CISSP, etc.) within 12 months.
- Experience of an Identity and Access Management suite (experience of Oracle; OIM, OAM, etc. a plus) and their enterprise implementation, including leading the translation of Business Requirements into technical implementations which reflect the business needs.
- Candidates will ideally have experience of implementing and managing PAM/PSM via CyberArk.
- Demonstrable experience of implementing and/or managing an ABAC system (ideally Axiomatics) is highly desirable.