Manager, IAM Technology Operations

Aflac   •  

Columbus, GA

Industry: Finance & Insurance

  •  

5 - 7 years

Posted 46 days ago

Job Summary

Develop, support, and implement strategy for Global Security Operations with a focus on Identity and Access Management technology and processes, comprised of operating security tools, implementation of technical controls and capabilities. Manage internal resources as well as Managed Security Service Provider relationships to ensure technology capabilities are deployed and operationalized in direct relation to risk reduction and business needs. This role will partner with Global Security Engineering teams on tool selection and implementation to ensure capabilities are operationalized, budgeted, sustainable, and meet both security and business demands. The role will also partner with IAM Access Governance teams to ensure controls are automated, testable, and measurable.

Principal Duties & Responsibilities

Drives the IAM strategy execution through technical capability implementation and day to day operations

Develops and measures career advancement goals, training and KPI's for assigned team

Own the full lifecycle of key security tools, including working with vendors and security team members to develop short and long-term roadmaps that drive the most effective use of each tool. This role is 40% strategic/tactical, 60% operational

Run projects as an SME to deliver new modules, features or capabilities that your tools offer as they evolve

Identify manual processes that are candidates for automation and take the lead on automating them

Manage the daily operations of each tool to ensure it is operating as expected and that the user experience is positive

When necessary, troubleshoot issues with the technologies from a tier 1 to tier 3 issue, including working with the vendor as-needed

Develop and/or maintain detailed technology lifecycles related to security controls in the following domains: Data Access Governance, Email, Certificates, PGP Key, Multifactor Authentication, SSO, Federation, IAM Platform, Group Policy support, AD controls, Privilege Access Management, etc

Support existing security controls from a platform as well as a rules, security policy and configurations perspective

Research and stay up to date on the latest security technologies and threat landscape

Plan, test and implement new security configurations, features and security policies

Collaborate with Global Security teams and provide expert systems security knowledge to achieve a common goal of improving our security posture throughout the enterprise

Monitor all managed systems to ensure security controls are functioning within defined parameters

Works with Access Governance and Access Administration on technology roadmaps to address control and process gaps, efficiency gains through automation, and continuous cycle of program maturity

Develops and matures core foundational Business, Technology, People and Analytical processes within a security and IAM environment

Manages Vendor relationships associated with IAM

Partners with local operations at other Aflac subsidiaries to ensure adherence to IAM best practices

Participates in various enterprise Information Security discussions and acts as primary representation of the IAM team when coordination of IAM services through IAM technology is needed.

Confers with supporting teams (Governance, Legal, and etc.) and management to address identified opportunities to enhance Aflac's information security posture

Performs annual capabilities needs and roadmap assessments to stay aligned with business needs and emerging threats

Actively participate internally and externally with various members of the Information Security industry

Performs other duties as required


Qualifications

Education & Experience

A bachelor's degree in Computer Science, Information Systems or a related field and five to six years of Information Security analyst/engineer experience or an equivalent combination of education and experience

Progressive experience working within an information security environment

Vendor Management experience to include establishing and ensuring SLA/SLO levels are met

Four years of supervisor/senior level experience

Proven experience in planning, organizing and developing technical capabilities

Experience with regulatory and compliance initiatives such as HIPPA, PCI and advanced knowledge associated with the protection of PII

Experience interfacing with peer support teams (Security Engineering, Threat Teams, Access Management, Legal, Governance and etc.

Job Knowledge & Skills

Familiarity with enterprise level information security best practices and security frameworks (i.e. Acceptable Use Policies and etc.)

Strong knowledge of identifying enterprise threat landscape as well as anatomy of cyber-attacks methodology as it relates to Identity and Access Management

International experience is a plus

Knowledge IAM best practices

Experience managing operational teams

Strong experience building, leading and developing teams of 10+ professionals

Familiarity with the following technologies:

Privilege Access Managers

Certificate Management technology

Federation and SSO