Summary: About the role: The Associate Director Enterprise Architecture IAM (EA IAM) will support leading the IAM Enterprise Architecture as well as contribute to an extensive transformation program to modernize and centralize Novartis' IAM backbone. The EA IAM will be responsible for architecture and design of various IAM platforms, define the standards for their use and acceptable implementation patterns, in line with Novartis information security standards and industry best practices. They will be leading cross-functional teams to execute and implement our IAM change strategy to transform the way our company deals with digital identities and their various types of access to our systems.
He/she will be working in a collaborative environment to understand business and technical requirements, propose solutions, provide technical oversight, lead technical implementation, and support adoption of new technologies and capabilities.
Key Responsibilities:
Definition of IAM standards and architecture patterns and contribution to the overall Novartis technology strategy.Technical leadership for various IAM transformation projects, throughout the project lifecycle, including evaluating business requirements and security technologies, planning technology deployment, aligning with security engineering and solution architecture teams.Effectively liaise with other teams in information security & risk management, infrastructure & architecture management as well as business functions.Contribute to the development of overall Novartis technology strategies, designs, standards, and procedures that support business strategies.Ensure that project and development teams gain a sufficient level of IT security awareness for designing new services, technology, and source code to gain an effective and sustainable IT security improvement and lower risk to the organization when projects are handed over to operations.Reports on IAM statistics across the company.Ensures industry network regarding IAM. Minimum Requirements:
University working and thinking level, degree in business/technical/scientific area or comparable education/experience.10+ years of working experience in Identity and Access Management domain; minimum 5 years in architecture capacity; 5+ years of IAM project experience and leading teams.Demonstrated security architecture conceptual skills, solutions delivery, and decision making, incorporating sound security principles, and emerging technologies to design and implement enterprise security solutions.Prior experience in IAM policy, standards, guidelines, and patterns definition.In-depth understanding of the IAM domain including strong knowledge of:Role and attribute-based access control implementation experience.IAM governance processes.Azure AD security technologies.IAM capabilities of major cloud providers such as AWS, Azure, Salesforce, Workday, ServiceNow, SAP, etc.Privileged access management.AD architecture.API security and best practices for authentication/authorization.Automation and integration related to IAM systems.Experience in reporting to and communicating with senior level management (with and without IT background), with and without in-depth risk management background on information risk topics, and excellent written and verbal communication and presentation skills; interpersonal and collaborative skills.Proven experience to initiate and manage projects that will affect other divisions, departments, and functions, as well as the corporate environment.Experience working in a multi-vendor, global environment and leading technical teams.Self-motivated, delivery focused with keen attention to detail and good decision-making ability to function with/without supervision to deliver in time and at expected quality. Desirable:
Professional information security certification, such as CISSP, CCSP, CISM is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred.Prior experience in leading from a technical point of view IAM transformation projects. Languages:
English.
Please note: this can be based in Barcelona or Hyderabad.
Division: Operations
Business Unit: CTS
Location: Spain
Site: Barcelona Gran Vía
Company / Legal Entity: ES06 (FCRS = ES006) Novartis Farmacéutica, S.A.
Alternative Location 1: India
Alternative Location 2: Spain
Job Type: Full time
Employment Type: Regular
Shift Work: No
#J-18808-Ljbffr