Cyber Security Identity Lead
Location
Kilbirnie Street, Glasgow
Hours
Full time, Monday–Friday, 8.30am to 5pm
About the role
This role will ensure the Identity aspects of the AC Cyber Security Strategy are implemented across Arnold Clark integrating best practices within all working practices and enabling Cyber Security to become a business differentiator across all digital channels.
The role is responsible for ensuring all aspects of Identity implementations are secure across all Arnold Clark systems.
Key responsibilities
- Maintains working knowledge of access management, directory services, Privileged Access Management (PAM), Multi-Factor Authentication (MFA), Azure Active Directory (Azure AD) and Federated Identities and upcoming technologies in the identity space.
- Understands the role of Certificates and keys in securing identities across applications and services.
- Provide solutions and operations for Identity and Access Management services for our on-premises and cloud environments.
- Responsible for swiftly resolving disruptions to technology services to minimize user impacts and maintain service levels
- Oversees and provides guidance on analysis of performance trends and actions being taken for preventing potential impacts
- Proactively helps team members/makes suggestions to improve practices
- Create and implement standards and policies to control access across Arnold Clark
- Supporting the development of strategy, roadmaps and implementation plans for IAM.
- Analysing and defining sector-specific risk-based controls for IAM.
- Hands on development and implementation of IAM technology solutions for our clients.
- Lead business stakeholders with design and implementation of Identity operational best practice and process and control improvements.
- Hands on development and implementation of IAM technology solutions.
Internal stakeholders
- Internal technical teams
- Internal business non-technical teams
External stakeholders
- All Third parties accessing Arnold Clark systems
- Cyber Security consultancy vendors
Required experience and skills
- Knowledge of or exposure to Cyber Security frameworks, including PCIDSS, GDPR, Cyber Essentials +
- Deep understanding of Cloud-native authentication mechanisms
- Provides expert knowledge of SAML 2.0, SSO, 2FA/MFA, Kerberos and LDAP
- Provides expert knowledge Identity Lifecycle Management.
- In-depth knowledge of Windows server operating systems
- Experience with deployment/implementation/of M365 tools
- Strong experience of access governance, identity administration and provisioning
- Strong knowledge of implementing federated access management including the cloud
- The ability to carry out IAM security risk assessments and construct a remediation plan
- Analyse integration requirements for IAM products, designs - leading implementation the integration
- Knowledge of external and Internal PKI solutions.
- Willingness to obtain security qualifications and experience on the job training.
- Minimum 5 years’ experience in an Identity and Access Management technology role.
- Stays abreast of industry trends and technologies
- Maintains root cause analysis skills for investigation of incidents impacting technology availability
- Reviews capacity utilization for trends and raises awareness across teams to address areas of excess and shortages
Key measures
- Engages various teams to evaluate and implement performance tuning recommendations
- Creation of processes and procedures to support the development of strategy, roadmaps and implementation plans for IAM.
- Supporting the creation of IAM solution blueprints and producing high-level designs covering technology and process design.
- Established relationships are in place with internal stakeholders.
Employment within the Arnold Clark Group is offered subject to satisfactory reference and disclosure checks.