Req ID: 470216
At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, more than 80 000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.
Purpose of the job
Reporting directly to the Architect leader, the IAM Architect h e or she is in charge of developing and leading the governance of identities and accesses, in compliance with the IAM security policy at group level. This includes the support on definition of global processes to manage the lifecycle of users accounts and identity in the IT landscape.
He coordinates and gather relevant stakeholders around IAM topics, including but not limited to HR, Sourcing, Master Data managers, IS&T, business representatives.
He designs the appropriate IAM mechanisms and tools to be implemented within the Alstom Information System and is in charge of leading the functional and technical roadmap.
He works with external /internal resources supporting Alstom IAM program and ensure the relation with external parties with the support of sourcing and legal teams.
Main Responsabilities- The IAM specialist as under his responsibility
- Collaborate on IAM standards definition
- Identity Lifecycle Management: analyzes, troubleshoots, and resolves system and process events. Initiates assessment for solution development and service improvement with oversight of requirements, design, test, & solution implementation. Analyzes and develops run time metrics, key performance indicators, and reporting methods to management. Provides general administration and client support of IAM tools and services, which may require work outside of normal business hours to support planned and unplanned system updates and/or outages.
- Work with Architecture validation, against Security Policy
- Support level 3 expertise for IAM platforms and topics
- Imroove the IAM global IAM architecture linked to IAM Buisiness to Employee and Business to Business
- The IAM architect follows and support the security aspects related to IAM in Alstom's IT projects
- ISSCQ produce all Information System Security and Compliance Questionnaire at the initial phase of all projects
- Risk analysis perform risk analysis and identify mitigation plan when relevant
- Security Insurance Plan make sure that all IT partners/providers respect the IAM policy when they deliver services (e.g. Cloud or SaaS provider)
- Security Acceptance make the right decision considering the residual risk and the asset value
- ISS Run Q&A and industrialization
Qualification & Competencies - Expected Level
Qualification: (to be filled for Job offer)
Initial Background: an IAM architect having 4-5 years of experience in IAM architecture/security activities, ideally with an architecture background in IT Security
Languages: English (mandatory)
, French (optional)
Mandatory experiences:
- IAM concepts
- IAM Architecture
- Security background
- Excellent written/verbal/communication, listening and facilitation skills
- Able to analyze risks and to design an appropriate IAM security pattern (provisioning, habilitation workflow, authentication, master data authorities, segregation of duty, Privileged Access Management, federation)
- Subject-matter expertise across all IAM topics as it relates to both cloud and on-premises enterprise technology, and the relationship between the architectures.
- Drive the adoption of Authentication and Authorization reference architectures for existing, new and emerging IAM technologies.
- Develop effective architecture solutions that not only satisfy immediate project requirements but also deliver a coherent, reusable, reliable and phased architecture to help the business grow and change while aligning IAM security policy.
- Risk analysis
- Knowledge of ISO 27002 and ISO 27005
Competencies (only for Job description)
Technical Competencies (max 20)
Experience architecting IAM solutions: must have
Experience on IAM solutions within Saviynt AAG, Microsoft Azure or other IAG solution: Nice to have
Very Good understanding of Identity & access governance, Multi-Factor authentication and Privileged Access Management: must have
Good understanding on technologies related to Identity and access management, such as e.g. API ,AD,LDAP,SQL : must have
Intimately familiar with IAM related protocols such as
SAML,
SCIM, SPML, XACML,
OpenID and OAuth :must have
Good understanding on functional concept of Identity and access management (workflows, SOD, recertification access, provisioning, auto-correlation access, ): must have
Good understanding on IT architecture principals and design (e.g network, e.g) must have
2-3 years of IAM Saviynt software experience is appreciated: nice to have
You don't need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you'll be proud. If you're up for the challenge, we'd love to hear from you!
Important to note
As a global business, we're an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. We're committed to creating an inclusive workplace for everyone.
Job Type: Experienced
