IAM Architect

• Collaborating on the definition of IAM standards
• Validating architecture against Security Policy
• Enhancing the global IAM architecture
• Supporting security aspects of IT projects related to IAM
• Perform Technical review and Impact assessment for all changes and new requirement. Update the design document and maintain
• Support level 5 – expertise – for IAM platforms and topics
• Ensure critical applications are well integrated with the good level of IAM control and governance ( access review, good approval workflow) based on policy and instruction.
• Contribute & validate new security solutions like B2B Operations and B2B SSO in IAM.
• PAM architecture & domain expertise
• Collaborate and support for troubleshooting and manage issues related to identities, authentication/authorization and access permissions. 
• Able to analyse risks and to design an appropriate IAM security pattern (provisioning, habitation workflow, authentication, master data authorities, segregation of duty, Privileged Access Management, federation)
• You'll specifically take care of coordinating with stakeholders on IAM Architecture topics, managing identity lifecycle processes, and working with external/internal resources to support the Alstom IAM program.
• Recommend solutions for complex operational problems & implement industry best practices

• The IAM Architect would contribute actively to the security aspects related to IAM in Alstom's IT projects
• ISSCQ – produce all Information System Security and Compliance Questionnaire at the initial phase of all projects
• Risk analysis – perform risk analysis and identify mitigation plan when relevant
• Security Acceptance –make the right decision considering the residual risk and the asset value

Experience

•  Bachelor's/Master's degree in Engineering/Technology or related field
• Overall 10+years of work experience, 4-5 years of experience in IAM architecture/security activities, with an IT Security background
• Expertise in IAM concepts and architecture
• Knowledge of ISO 27002 and ISO 27005 standards
• Professional industry standard certifications like CISSP, CISA, CEH, GIAC, CISM, etc. will be an added advantage
• Experience on IAM solutions within Saviynt AAG, Microsoft Azure or other IAG solution
• Experience on PAM (Privilege Access Management) solutions (eg Cyberark, BeyondTrust)
• Subject-matter expertise across all IAM topics as it relates to both cloud and on-premises enterprise technology, and the relationship between the architectures.
• Professional & concise communication (written & verbal)

Technical Competencies:

• Experience on operations IAM solutions: Level 3                                         
• Experience on IAM solutions within Saviynt AAG, Microsoft Azure or other IAG solution: Level 3
• Very Good understanding of Identity & access governance, Multi-Factor authentication and Privileged Access Management: Level 4                                                                            
• Good understanding on technologies related to Identity and access management, such as e.g. API ,AD,LDAP,SQL : Level 4
• Intimately familiar with IAM functional process and design (SOD, Workflow approval, MFA,..) : Level 4
• Good understanding on functional concept of Identity and access management (workflows, SOD, recertification access, provisioning, auto-correlation access, …): Level 4
• Very good understanding on security IAM principals and design (e.g network, ) Level 4
• 2-3 years of IAM Saviynt software experience is appreciated: Level 2