Associate Director - IT Security - Manufacturing/Pharma

Job Description

Job Description / Capsule Associate Director :

- IT security will bring extraordinary people leadership skills as well as utilize their technical management skills to build and lead a diverse agile team.

- A good influencer and strong operations background with the ability to introduce latest technologies and create a fast paced development cycle which allows the team to brainstorm/research (independently and as a team), articulate effectively to varying audiences, offer technical acumen, and assist in the implementation, education and rollout of the IAM platform.

- This is a highly visible team and need to work closely with the senior business leaders and help shape the future of IAM. Experience in IAM products including Azure AD, Active Directory, role-based access control, multi-factor authentication, and SSO & related standards (e.g. SAML, OAUTH, NTLM, LDAP, Kerberos, PKI, etc. is must.

Typical Accountabilities :

- Manages staff, Develops, mentors and provides guidance, training and motivation as necessary. Conducts regular one on one and staff meetings. Hires, evaluates, and counsels the team. Follows corporate disciplinary procedures per established standards as required. Sets performance standards, reviews performance, provides feedback.

- Provides expert level IT technical lead services and direction for critical software, middleware, and/or hardware projects (e.g., applications, networks, communications, and client server technologies) on multiple platforms. Provides technical expertise in systems, technical infrastructure, tools, modelling, external interfaces, and other technical areas.

- Completes complex development, design, implementation, architecture design specification, and maintenance activities.

- Participating in projects and initiatives working with IAM team members, architectural, development and engineering teams, service owners, and business stakeholders to provide enterprise IAM solutions that are scalable and adaptable with the ever-changing business needs and industry demands.

- Ensures the viability of IT deliverables.

- Recommends development options, including design, build/buy, and vendor purchase.

- Approves the team's technical deliverables. Conducts testing, including functionality, technical limitations, and security.

- Preparing and implementing strategic and operational plans of actions to ensure that systems, procedures, staffing, support services and capacity are available when needed

- Working directly with stakeholders in a multi-disciplined team structure, designing and deploying IAM strategy and solutions across a variety of vendor platforms, Understanding the business direction and create optimized IAM architectures to meet business needs

- Acting as an IAM thought leader, consistently researching new ways to improve IAM operations and overall strategy

- Ensuring adherence to Security Controls, Policies and Standards with a focus on automation and control

- Communicates with strategic team on a frequent basis. Provides realistic task and resource requirements for projects, Communicates with other technical leads, IT groups, and business so they understand the technical implications, dependencies, and potential conflicts. Evaluates the impacts of change requests on own/shared technologies and effectively persuades and influences others on ideas.

- Maintains current knowledge of IT development methodology, architecture design, and technical standards. Mentors the team and identifies training needs. As new standards are instituted, ensures their usage by team members.

- Identifies opportunities for continuous quality improvement of technical standards, methodologies, and technologies.

- Thoroughly understands and complies with IT policies and procedures, especially those for quality and productivity standards that enable the team to meet established client service levels. Thoroughly understands and complies with Information Security policies and procedures, and verifies deliverables meet Information Security requirements.

- Participates in special projects and performs other duties as assigned.

- Works with teams and preferred third party suppliers to provide strategic and innovative technology solutions aligned with business needs as well as regulatory requirements

- Leads resolutions of risks identified in impact assessments

- Ensures infrastructure lifecycle maintenance needs are identified and managed

- Maintains awareness and knowledge of industry trends and proactively identifies and drive identification of opportunities to be leveraged in Infrastructure solutions

- Works with Architects to define business solutions, ensuring their alignment with business strategies and priorities, as well as expected target benefits

Job Profile :

- Leads effort to plan, engineer and design solutions and oversees the design and documentation of solution components, Provides technical expertise, direction and support to IT Infrastructure Engineers for both innovation and support activities, Plans all activities associated with implementation and maintenance of infrastructure solutions.

- Has awareness of both Application and Infrastructure industry directions and trends

Typical People Management Responsibility (direct / indirect reports) 25-100 Approximate number of people managed in total (all levels)

What is the global remit? (how many countries will the role operate in?) Operates in: Own country Another country 2 or 3 countries at a minimum of 40% of time 4 or more countries at a minimum of 40% of time

Education, Qualifications and Experience

Essential:-

- Significant experience in an Information Services/Information Technology environment with good business acumen ( 15+ years )

- Knowledge of regulatory requirements in Life Sciences & Experience of working within a quality and compliance environment and application of policies, procedures, and guidelines

- Experience in development of processes and/or procedures for both technology and business functions to ensure enterprise Role Based Access Control

- Deep understanding of IAM constructs including MFA, SSO, IDM, PAM and others across data centres, private cloud and public cloud environments, integrating RBAC systems with LDAP and/or Active Directory/Azure Active Directory

- Experience in implementing enterprise Identity and Access Management (IAM) Framework and Privileged Account Management (PAM), or other related security solutions (e.g., SailPoint or another IAM Governance Framework, Oracle Directory Services, Micro Focus LDAP, Microsoft Active Directory Services and, CyberArk, etc.), PING ID, PING Federation, MULTIFACTOR in client environments

- Technical architecture experience integrating multitiered applications, databases, LDAP and directory services, application servers, and understanding IAM security and dataflow within these components

- Experience with continuous integration platforms as it pertains to machine Identity using one or more of the following build and deployment tools- Jenkins or Puppet

- Experience with federated identity and web services security concepts such as SAML, OAuth, ADFS, etc.

Experience :

- Verifying that the system complies with any laws or regulatory requirements from local or national government.

Desirable:

- Good commercial awareness and understanding of the external market

- Demonstrate initiative, strong customer orientation, and cross-cultural working

- Well versed in ITIL V3.0 practices and process

- AIOPS & ML skills

- Cybersecurity and Engineering expertise

- 7 - 10 years of experience in Information Security and/or Information Risk Management and/or Information

- Experience working within an information security function using the NIST 800-83 cyber security framework

- Experience supporting SSAE 16 or SOC 2 Security Trust Principle audits

- Security industry organization participation / leadership (HITRUST, ISACA, InfraGard, ISC2, ISSA, etc.)

- Industry recognized certification in security (e.g., CISSP, CISA, CISM, CEH, etc.

Skills and capability:

Essential:

- Good communication skills supporting joint working with geographically remote colleagues

- Evidence of leading, shaping and designing innovative solutions and driving any changes

- Ability to interpret and communicate technical information into business language

Desirable :

- Well versed in ITIL V3.0 practices and process

- Experience in DEVOPS, hype cycle & bi-modal approach

- Industry recognized certification in security (e.g., CISSP, CISA, CISM, CEH, etc.)

- Security Audit, Automations