Core Responsibility: protecting digital identities and identity-based systems from cyber threats, closely partnering with internal security teams and stakeholders to deliver consistent IAM controls across the Blue Yonder digital footprint worldwide.
What you’ll do:
Develop and manage Blue Yonder’s IAM strategy aligned with business goals and compliance requirements.
Design IAM solutions, including authentication, authorization, identity provisioning, access management, and privileged access management, considering security best practices and industry standards.
Identify IAM-related risks and vulnerabilities and develop strategies to mitigate them effectively.
Provide technical guidance and oversight during the implementation of IAM solutions. Support implementation of the service.
Develop and manage IAM policies, procedures, and standards to enforce consistent security practices across Blue Yonder.
Ensure IAM solutions comply with relevant regulatory requirements (e.g., GDPR, HIPAA, PCI DSS) and industry standards (e.g., NIST, ISO/IEC).
Integrate IAM services with security capabilities in other domains.
Develop and generate KRI/KPIs for the service.
Maintain alignment with threat landscape and industry trends.
Assess maturity and develop continuous improvement plans for the service.
Participate in security architecture reviews and design discussions to embed risk-optimized controls.
Partner with the enterprise architecture and application development teams to enhance the security of the products.
Collaborate with the GRC team and connected stakeholders to manage identified risks and remediation activities.
What we are looking for:
A master’s or bachelor’s degree in cybersecurity, computer science, or a related field
10+ years of experience in the security domain, with 5+ years of experience in the IAM domain
Experience in designing, implementing, and managing cloud IAM, IAM & PAM solutions on-premises and in the cloud.
Proven ability to independently drive transformational security projects cross-organization.
Proficiency in Active Directory, LDAP, SSO, MFA, SAML, OAuth, and OpenID Connect.
Experience working with Privileged Access Manager (PAM) and Identity Governance & Administration (IGA) solutions.
Strong understanding of secrets management, encryption, Public Key Infrastructure (PKI), and digital certificates
Deep understanding of Zero Trust security models
Experience in identifying and assessing security risks and implementing risk mitigation strategies.
Certifications such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or equivalent
Experience in public cloud infrastructure such as Microsoft Azure, GCP, AWS.
Familiarity with security frameworks such as NIST-CSF and CIS Controls.
Understanding of regulatory requirements related to IAM, such as GDPR, HIPAA, and SOX, and experience implementing controls to ensure compliance.