EY Jobs

Job Information

EY IAM Security Architect, Identity Lifecycle Management in Alpharetta, Georgia

IAM Security Architect, Identity Lifecycle Management

Core Business Services

Requisition # ALP0027A

Post Date 2 days ago

EY Technology:

Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.

EY Technology supports our technology needs through three business units:

Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY toidentify new technology-based opportunities faster and pursue those opportunities more rapidly.

Enterprise Technology (ET) – ET supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the most affordable possible cost for quality services. ET will also support our internal technology needs by focusing on a better user experience.

Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.

The opportunity

The Identity & Access Management (IAM) Identity Lifecycle Management (ILM) Architect reports to the Domain Architect Lead for IAM Architecture in a hands-on role focused on the security architecture in the identity lifecycle management and provisioning space. The architect works directly with Lead Development, Engineering and Operational resources through collaboration and mentoring to shape the IAM capabilities for the firm.

The Identity and Access Management (IAM) ILM Architect is accountable and responsible for the alignment of business, operational and security requirements and translation of those requirements into technical IAM capabilities. IAM services include, but not limited to, Identity Lifecycle Management, authentication and authorization, session management, access requests, access provisioning,

access reauthorization, remote access, IAM services API, role and entitlement models, and directory technologies. The IAM ILM Architect will work with other Architects and Service Owners to create a roadmap that meets strategic and current requirements.

Your key responsibilities

  • Responsible for managing end-user identity, end-user application access, application resource access, directory maintenance, to include the user and application security lifecycle from provisioning to de-provisioning of access rights.

  • Deliver technical security configuration architecture expertise in implementing cross-organizational information sharing.

  • Develop solutions and recommendations for issues caused by process challenges, emerging threats and technology changes.

  • Act as trusted security architecture advisor with extensive evidence of ability to provide strategic direction in leading activities in support of Identity Lifecycle management tools & technologies and enterprise security objectives.

  • Provide professional knowledge and experience of information systems security identity policies and large enterprise scale practices.

  • Develop security architectures, and engineering system specifications implementing identity management and security controls in development and operational systems.

  • Solid understanding application and systems security architecture and best practices.

Analytical/Decision Making Responsibilities:

  • The individual in this role must be able to understand and interpret identity and access management strategies and direction.

  • Further, the person must be able to bring together key tenets of Information Security to the IAM strategies and develop technical

  • security solutions that properly align. The IAM Security Architect will contribute to the overall effort of the IAM direction of the firm.

Skills and attributes for success

The individual in this role must be well educated in general aspects of Information Security, namely:

  • 12+ years of practical experience in the field of IT is required. 8+ years of direct Information Security experience.

  • 6+ years’ experience in hands-on Identity Management positions

  • SME knowledge of Sailpoint IdentityIQ (IIQ), and Active Directory.

  • Extensive experience working with IAM Technologies including strong experience with Sailpoint and some experience with other identity Lifecycle management products such as FIM, MIM, Azure AD connect

  • Must have proven experience in providing architecture guidance and advisory services to clients for various environments and systems, including application/technology blueprints, roadmaps, optimization, and migration strategies.

  • Knowledge of Active Role Server and Imanami GroupID

  • Strong knowledge of Exchange and PowerShell, SQL Server, Microsoft SQL Server Integration Services (SSIS)

  • Strong network and host security background in Windows

  • Must have an experience of implementing an enterprise level IAM (ILM) infrastructure.

  • Ability to effectively communicate and advocate key security requirements and control implementation to the development team

  • Bachelor’s or Master’s degree in Information Assurance, Computer Science, Information Systems or related field of study.

Ideally, you’ll also have

  • Experience in IDM integration across domains

  • Significant experience in ADDS, Azure AD

  • Ability to communicate effectively with all levels of management, both verbally and in writing

  • Significant experience in Oracle DB & Microsoft SQL Server

  • Experience with ABAC, RBAC

  • Security architecture and engineering experience

  • A security industry certification including but not limited to CISSP, SSCP, CISM, SANS GSEC, ECSA, ECSP, and Security+.

What working at EY offers

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

  • Support, coaching and feedback from some of the most engaging colleagues around

  • Opportunities to develop new skills and progress your career

  • The freedom and flexibility to handle your role in a way that’s right for you

EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

About EY

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build abetter working world. That starts with a culture that believes in giving you the training, opportunities andcreativefreedom to make things better.Whenever you join, however long you stay, theexceptionalEY experience lasts a lifetime.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Join us in building a better working world.

Apply now.

EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.