Senior Identity & Access Management Architect

Thermo Fisher Scientific   •  

San Francisco, CA

8 - 10 years

Posted 296 days ago

This job is no longer available.

Job Description

*Open to possible remote work or other Thermo Fisher Scientific locations in addition to those listed.*

About Thermo Fisher Scientific
Thermo Fisher Scientific Inc. (NYSE: TMO) is the world leader in serving science, with revenues of more than $20 billion and approximately 65,000 employees globally. Our mission is to enable our customers to make the world healthier, cleaner and safer. We help our customers accelerate life sciences research, solve complex analytical challenges, improve patient diagnostics, deliver medicines to market and increase laboratory productivity. Through our premier brands - Thermo Scientific, Applied Biosystems, Invitrogen, Fisher Scientific and Unity Lab Services - we offer an unmatched combination of innovative technologies, purchasing convenience and comprehensive services.

Position Summary:
The IdAM architect will leverage previous experiences not currently available within team, to architect timely and efficient identity platforms starting with multifactor authentication followed by all other platforms associated with our identity and access management trajectory. The platforms that we implement will first and foremost help significantly secure our ThermoFisher identities. Second and subsequent work will consist almost entirely on platforms which further secure our systems, while helping to empower employees and business units to function more efficiently. As part of our initiatives, we will centralize multiple identity and access platforms managed by various other teams, into a single industry respected platform.

Key Responsibilities:

  • Manage the design, development, test, launch, and continuous improvement of the company identity solutions
  • Work closely with the infrastructure and security teams to align solutions with strict security policies while maintaining a positive employee experience
  • Strong focus on redesigning, setting up net new or, helping maintain or set best practices and support documentation for: MFA, federation platforms, privileged account management, conditional & timely access, mobile device management, change management
  • Work closely with business units to ensure our IdAM platforms are empowering, while securing but not hindering our employees.
  • Perform an initial and yearly stringent business unit summit to understand access needs, and platform progress, leading to improvements on our identity and access policies
  • Set processes and best practices to maintain current identity and access management solutions and, to provide the same for net new implementations as the company grows.
  • Utilize ITSM orchestration tools to automate identity changes and access requests through employee self service portals by collaborating with ITSM or in department developers.
  • Provide documentation and training guidance.
  • Monitoring and data collection accountability to adapt IdAM platforms to changes or trends
  • Continually assess identity platforms and technologies for future mode of operation considerations.
  • Work closely with security cloud architects.
  • Continuous process improvement for least cost to maintain and support using automation, self service and ‘shift left’ administration.
  • Use of influence skills to obtain buy-in and participation from various groups and stakeholders without direct control.
  • Work with staff and management across all levels of the organization.
  • Provide subject matter expertise in Identity and Access management.
  • Collaborates with other IT team managers to ensure consistency, adaptability, responsiveness, and effectiveness of identity solutions
  • Pivot responsibilities quickly when asked or required.

Minimum Requirements/Qualifications:

  • Bachelor’s Degree in Computer Science, Information Security, Management Information Systems, or equivalent work experience acceptable
  • 8+ years experience in Information Technology.
  • Strong Active Directory and Windows Server engineering experience of 5+ years. Linux/Unix background is a plus.
  • 3-5+ years proven work history of providing Identity/Access/Security solutions to a global enterprise.
  • Excellent employee service skills required. Always mindful of the ‘user experience’
  • Cloud technical certificates a plus
  • Strong interpersonal and communications skills with the capability to communicate effectively to non-technical decision making employees is required
  • Excellent documentation and template creation skills are a must
  • Ability to explain and champion technical concepts to a broad audience focusing on business reasons to do so.
  • Strong self-starter skills with a habit for looking ahead to the next project to tackle.
  • Strong analytical and product management skills required, including a thorough understanding of how to interpret customer business needs and translate them into application and operational requirements
  • This is a remote position
  • Up to 25% of travel