The Senior GRC Security Specialist with a focus on Identity Management will serve as an expert within our Information Security team
This role involves leading the strategic implementation of security governance, risk, and compliance (GRC) with a specialized focus on Identity and Access Management (IAM) solutions for our rapidly expanding company
You will collaborate closely with business leaders to manage risk and ensure robust identity security within our governance framework
This position requires high-level policy management, a profound understanding of identity security in compliance and sales enablement, as well as hands-on involvement with risk management, audits, and security operations
A strong sense of professional development is essential for this role, as it will help me stay at the forefront of identity security practices and regulatory knowledge
Responsibilities
Lead the development and execution of comprehensive GRC strategies focused on IAM, ensuring alignment with business objectives, regulatory requirements, and the broader GRC strategy
Drive the IAM program, including the creation of policies, procedures, and controls to mitigate identity-related risks
Conducted in-depth security assessments specifically focused on IAM in cyber risk management and security governance
Identify, assess, and oversee the mitigation of information security risks related to IAM, ensuring timely execution of plans
Champion regulatory and compliance initiatives (eg, ISO 27001, GDPR, etc) as they relate to IAM, leading audits and compliance assessments in this domain
Evaluate, recommend, and oversee the implementation of IAM technologies and solutions, such as privileged access management, single sign-on, and identity governance
Act as a subject matter expert on IAM within the information security team, providing guidance and leadership
Qualifications
Minimum 6 years of experience in information security, with at least 3 years specialized in IAM within a GRC context
Proven expertise in developing and managing IAM strategies in complex environments, preferably across multiple cloud-based technologies and solutions
Deep understanding of identity security operations tools and services such as multi-factor authentication, identity providers, directory services, and related technologies
Familiarity with information security governance, risk management, and compliance frameworks, particularly as they relate to IAM (eg, NIST Cybersecurity Framework, ISO 27001/2, ITIL, GDPR)
Strong organizational skills, attention to detail, and the ability to manage multiple projects and priorities with a high degree of professionalism and client service orientation
Adaptable to a dynamic, rapidly changing environment
Excellent communication and interpersonal skills; proficiency in English required
Bachelors or Masters degree in a computer-related field or equivalent experience
Experience with security operations tools such as logging systems, intrusion detection/prevention systems (IDS/IPS), Anti-virus, SIEM, Vulnerability Management tools, DLP, endpoint protection, web filtering, CASB, etc Experience with industry leading IAM solutions and services
Knowledge of common information security governance and regulatory frameworks such as ISO 27001/2, Information Technology Infrastructure Library (ITIL), and General Data Protection Regulation (GDPR)
Highly developed organizational skills and attention to detail, including the ability to handle multiple projects and priorities simultaneously with high professionalism and client service orientation
Ability to work effectively within a fast-paced, changing environment
Excellent communication and interpersonal skills in English are required
Preferred BA/BS in a computer-related field or relevant work experience Professional security management certification (eg, CISSP, CISM) with a focus on IAM credentials such as Certified Identity and Access Manager (CIAM) or similar
