This role reports directly to the Technology Executive for Authentication, Privilege Access Management Service and Cloud IAM.
This role is a backup to the existing Authentication lead in AMRS.
Primarily responsible includes assisting Authentication lead and partners with other technology SMEs to ensure that strategic and effectively authentication solutions are adopted across BAC and sure compliance with IAM Standard.
Partner with IAM Governance leads to ensure that all authentication related IAM requirements are appropriately measured, reported and governed.
Appropriately assess identity and authentication related risks when business and technology decisions are made, demonstrating risk management mindset and practices to safeguard BAC’s reputation, its clients, and assets by driving compliance with applicable laws, rules, and regulations, adhering to BAC Policy and Standards.
Monitors industry information security and Identify and Authentication trends and engages peer organizations to refine and enhance BAC’s strategy.
Apply industry Identity and Authentication best practices, templates, and documentation while also proposing improvements based on practical knowledge.
Establish and maintain strong partnership with other Global Information Security (GIS) functions, Core Technology Infrastructure (CTI), Cyber Security Technology (CST), Third Party management, Global Compliance and Operations Risk (CGOR), internal audit, and regulatory agencies.
Influence relevant tools owners to build/implement enhanced Identity and Authentication solutions that are efficient, effective, and modern and able to deliver material risk reduction in sustainable manner.
Collaborate with stakeholders to develop Identity and Authentication requirements that iteratively support long term modernization and transformation (covers Process, Data and Technology aspects).
Engage with Product Managers and Senior Architects to comprehend the strategic Identity and Authentication technology roadmap, which dictates the need for modernized security principles.
Consult with the business to identify gaps and governance issues, leveraging own domain expertise to find effective solutions.
Clearly articulate reasons and methods behind proposed changes through informative materials for educating others.
Provide education to team members and technology partners regarding the proposed changes.
Partners with the policy governance team for socialization and publication of proposed changes to the relevant Standards.
Takes accountability for addressing identity and authentication risks.
Proactively identify risk and ways to continuously enhance and improve BAC’s controls.
Implement and take decisive actions in finding solutions.
Drives towards intended outcomes.
Engage senior management to provide factual, transparent, and timely reporting on existing and emerging identity and authentication risks.
Active participation in GIS IAM forums including but not limited to Monthly IAM Stakeholder Forum and Control Owner Forum for standard and Single Process Inventory (SPI) enhancements.
Supports audit issues for closure and sustainability.

Requirements

Extensive knowledge and understanding of identity and authentication specific laws, rules, and regulations within the financial services sector.
Understanding and interpreting BAC’s established information security Policy, Standards, Procedure and Guides, and applying this knowledge to related identity and authentication decisions and response.
Familiarity with security standards such as NIST, ISO/EC, FFIEC.
Possession of CISSP certification would be an advantage.
Expert level knowledge of identity and authentication methodologies, techniques and technologies.
Expert knowledge of PAM related tools which support, MFA, vaulting, integration with service management tool would be an advantage.
Bachelor’s Degree or equivalent work experience.
7 years relevant hands-on experience in identify and authentication fields in a large and complex organization.
Deep security knowledge which covers core technology infrastructure (network, storage, servers, databases, etc.) identity management and application security practice.
Deep experience with Linux, Windows, Cloud scale Identity, Access Management (Single Sign-On, Multi Factor Authentication), Authorization services or design and architecture of authentication services or Identity Store.
Expert level knowledge of authentication platforms such as Active Directory, LDAP, Kerberos, LDAP, Radius.

Benefits

Health insurance
401(k) matching
Flexible work arrangements
Paid time off
Discretionary incentive eligible

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

identity and authentication methodologiesidentity and authentication technologiesprivilege access management (PAM)multi-factor authentication (MFA)Single Sign-On (SSO)Active DirectoryLDAPKerberosRadiuscloud scale identity management

Soft Skills

risk managementcollaborationcommunicationaccountabilityproblem-solvinginfluenceeducationstakeholder engagementstrategic thinkingtransparency

Certifications

CISSPBachelor's Degree