Under general direction of the designated Manager the Security Manager Identity & Access Management provides architectural leadership and guidance for AmerisourceBergen (ABC) in the area of Identity & Access Management (IAM). This position will have operational responsibilities to administer operate and maintain various systems which enable IAM solutions. This position will be responsible for establishing maintaining and improving the company's onboarding program as it relates to systems access for new hires existing associates and 3 rd party contractors. This position will work with other associates in the organization to identify opportunities to consolidate systems access processes and consolidate those into an agreed to standard to be used company wide.
ADDITIONAL DUTIES AND RESPONSIBILITIES:
- Provides IAM input into technology strategy.
- Serves as subject matter expert for IAM and counsels technology leaders in Information Security matters specific to IAM.
- Works in close coordination with the System and Business Process Analysts to understand and interpret requirements per application & initiative.
- Develops requirements and plans to implement Identity and Access Management functionality and solutions for specific business and security requirements.
- Manages IAM related projects and cross-departmental initiatives.
- Acts as liaison with Internal Audit and Internal Controls department to review systems access through annual attestation efforts.
- Must be willing to travel up to 15% of the time.
- Performs related duties as assigned.
EXPERIENCE AND EDUCATIONAL REQUIREMENTS
- Responsible for all associate relations functions for department staff including hiring, terminating, performance management, development and training
- In alignment with the Company's growth and direction, assists in managing the development of budgets, controls and measurements to monitor progress
- Makes recommendations for succession planning
- Performs related duties as assigned
- 6-8 years progressively responsible experience in the design, implementation and management of Information Security Shared services for a global corporation (Fortune 500)
- Experience leading functional business and technical teams in a large and complex, environment to deliver IAM capabilities
- Experience with process improvement design and process mappings in order to implement IAM capabilities to address business challenges
- Wide-ranging experience managing a variety of IAM technologies as well as IAM migration experience to/from different platforms
- Strong knowledge and experience managing the following IAM activities: ID administration, governance/auditing, IAM reporting, IAM tool operations
- Seasoned manager of professionals and cross functional teams, who can develop and retain top talent in the field
- Demonstrated success in managing an Information Security Framework, solution and service for a cross functional corporation.
- Extensive experience with Healthcare regulatory and information security guidelines, audits as well as external audit processes and requirements
- Demonstrated successful implementation of security control frameworks and standards such as ISO 27001, ISO 17799, COBIT, ITIL, NIST and PCI
- Certification in Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP) and/or equivalent business experience in a matrix Organization required
- Directly applicable International / Global Experience desired
- Excellent understanding of IT Security & Risk Management, strategic planning and the related tactical initiatives needed to achieve the plan.
- Understanding of financial management and departmental budgeting desired
Requires a BS Degree in Computer Science Information Technology or equivalent. Normally requires a minimum of five (5) years directly related and progressively responsible experience in Identity & Access Management. Must have experience with understanding and resolving Segregation of Duty conflicts. Must have experience with Identity Management tools such as Oracle's Identity & Access Manager suite and SAP Netweaver Identity Management suite.
- Ability to direct the formulation definition and documenting of business requirements and objectives for assigned projects
- Good analytical conceptual and problem solving skills to evaluate business problems and apply technology knowledge to identify appropriate solutions
- Good interpersonal skills; effective team player
- Experience with active directory as it relates to user provisioning and access
- Knowledge of and experience with single sign on
- Knowledge of and experience with the development of enterprise business roles across multiple technology platforms
- Knowledge of and experience with the identification of Segregation of Duty conflicts and remediation's to mitigate risks
- Ability to communicate effectively both orally and in writing must have good presentation skills
- Understanding of legal regulatory and compliance needs
- Good decision making negotiation strategic thinking and planning
- Experience and presence to interact with and present to all levels of management
- Adept at thought leadership and proposing implementing and managing business and technical change
- Ability to invoke and leverage resources across the company to meet program objectives
- Knowledge of computers to operative effectively with computer hardware such as general mainframe midrange network and desktop technologies; computer software includes application development lifecycle MS Office Suite and Outlook
- Must be organized detailed-oriented self-motivated disciplined professional and a team player