Director of Enterprise Architecture IAM, DDIT ISC

Job Description Summary

Location: Barcelona (Spain), Israel (Tel Aviv), Prague (Czech Republic), Hyderabad (India)

The Director of Enterprise Architecture IAM will play an essential role in shaping and driving the architecture and design of various IAM platforms. This includes defining and adopting standards for their use, as well as acceptable implementation patterns, in alignment with Novartis information security standards and industry best practices. The individual will lead technology selection processes, manage vendor relationships, and guide cross-functional teams to execute and implement the IAM change strategy. This strategy aims to transform the way the company manages digital identities and their access to systems. The Director will also provide technical leadership for IAM transformation projects, ensuring that IAM applications are effectively security tested throughout their development and lifecycle.

 

Job Description

Major Accountabilities:

• Drive definition of IAM standards and architecture patterns and contribution to the overall Novartis technology strategy in collaboration with Novartis Enterprise Architecture/Governance

• Review, approve and control technology variants to the agreed enterprise IAM standards

• Lead IAM technology selection process including in-depth IAM products evaluation and vendor relationship management

• · Drive senior management sessions on IAM risk management, solution proposals, technology adoption

• Provide technical leadership for various IAM transformation projects, throughout the project lifecycle, including evaluating business requirements and security technologies, planning technology deployment, aligning with security engineering and solution architecture teams

• Proactively share knowledge of technology risks with business domain, while partnering with delivery leadership to ensure continuous improvement of IT services, application rationalization and efficient management of existing systems and operations

• Effectively liaise with other teams in information security & risk management, infrastructure & architecture management as well as business functions

• Contribute to the development of overall Novartis technology strategies, designs, standards, and procedures that support business strategies

• Ensure IAM applications are effectively security tested, according to their criticality, throughout development and lifecycle

• Ensure that project and development teams gain a sufficient level of IT security awareness for designing new services, technology, and source code to gain an effective and sustainable IT security improvement and lower risk to the organization when projects are handed over to operations

• Drive performance KPIs and metrics for IAM architecture outcomes, measure performance against architecture strategy and operational goals

• Ensure industry network in IAM domain and identify innovation opportunities

Requirements:

- 15+ years of working experience in Identity and Access Management domain; minimum 5 years in architecture capacity; 5+ years of IAM project experience and leading technical design, product comparison and selection

- Demonstrated security architecture conceptual skills, roadmap definition, and technology selection and decision making, incorporating sound security principles

- Prior experience in IAM policy, standards, guidelines, and patterns definition

In depth understanding of the IAM domain including strong knowledge of:

• Authentication/Authorization modern and legacy standards

• Entra ID concepts with focus on conditional access policies

• Legacy directory services and AD architecture and key concepts and secure administration

• IAM capabilities of major cloud providers such as AWS, Azure, Salesforce, Workday, ServiceNow, SAP, etc.

• Privileged access management

• API security and best practices for authentication/authorization

• Automation and integration related to IAM systems

• CIEM

• CIAM

- Experience in reporting to and communicating with senior level management (with and without IT background), with and without in-depth risk management background on information risk topics, and excellent written and verbal communication and presentation skills; interpersonal and collaborative skills.

- Proven experience in driving strategic initiatives that will affect other divisions, departments, and functions, as well as the corporate environment.

- Experience working in a multi-vendor, global environment and leading technical teams

- Self-motivated, delivery focused with keen attention to detail and good decision-making ability function with/without supervision to deliver in time and at expected quality.

Desirable:

• Professional information security certification, such as CISSP, CCSP, CISM is preferred.

• Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred

Why consider Novartis? We believe the answers are found when curious, courageous and collaborative people like you are brought together in an inspiring environment. Where you’re given opportunities to explore the power of digital and data. Where you’re empowered to risk failure by taking smart risks, and where you’re surrounded by people who share your determination to tackle the world’s toughest medical challenges.

Imagine what you could do at Novartis!

Commitment to Diversity & Inclusion: Novartis embraces diversity, equal opportunity and inclusion. We are committed to building diverse teams, representative of the patients and communities we serve, and we strive to create an inclusive workplace that cultivates bold innovation through collaboration, and empowers our people to unleash their full potential.

Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to learn more about Novartis and our career opportunities, join the Novartis Network here: https://talentnetwork.novartis.com/network

 

Skills Desired

Business Architecture, Client Counseling, Decision Making Skills, Enterprise Architecture, Influencing Skills, IT Governance, Solution Architecture