Cyber - Identity & Access Management - Manager

As an Identity Access Management (IAM) Manager within the Cyber Security team, you will be helping to deliver high quality work to clients in the IAM domain.

You should expect to be involved in a wide range of challenging engagements, from IAM strategy roll-out and IAM controls reviews to large scale IAM transformations. 
 

If you are enthusiastic to take on complex IAM problems, find creative ways to resolve them using a combination of processes and technology and are passionate in helping our clients manage their IAM risk, then you are the type of person we are looking for.

Responsibilities:

•   Managing large workstreams on complex IAM implementation and transformation programmes.

• Scoping and leading small to medium sized IAM projects, from inception through to delivery and sign off.

•     Reviewing IAM controls and regulatory requirements and defining remediation plans and roadmaps in response

•    Supporting the broader IAM and Cyber team in thought leadership into chosen areas of IAM.

•     Coaching and developing junior team members through sharing of experience and knowledge.

• Performance management of junior staff.
• Striving for continuous development of self and team.
• Upholding KPMG’s values by acting with integrity

Person Specification

Experience and Background: 
•    Proven experience of working with or within corporate/utilities/finance organisations

•    Experience of defining IAM controls and processes in a regulated environment.

•    Experience of working with key IAM vendor solutions (SailPoint/CyberArk) to embed automated IAM controls and processes.

•    Understanding of disruptive trends, and evolution of IAM solutions.
•    Ability to develop and maintain constructive client relationships, both inside and outside of KPMG.
•    Ability to manage time and priorities between delivery and business development activities effectively to achieve results in both areas.

•    General knowledge across multiple IAM domains, with in-depth experience across two or more specific domains from: 

• Enterprise identity, including provisioning, JML, certification, RBAC, entitlement management, policy management, data access governance, identity analytics;
• Customer IAM, including registration, customer experience, authentication, multi-channel, privacy;
• Access management, including advanced authentication, identity federation, advanced authorisation;
• Privileged access management, including credential management, session management, discovery, inventory

Qualifications and Skills:
•    Recognised professional qualifications (e.g. CISSP, CISM, etc.), or comparable experience.
•    Understanding of a wide range of information security and IT methodologies, principles, technologies, and techniques (desirable).
•    Excellent communication skills (both written and oral), negotiation and project management skills. •    Collaborative and inclusive.
•    Produce high quality deliverables working alone and as part of a team.
•    Strong planning, organising and decision-making skills.

Leadership & Management:

The role will require management of small size engagement teams (2- 5-colleagues) and require the candidate to provide on the job coaching and mentoring to juniors providing both technical and broader consultancy skill development.

Subject Matter Expertise & Technical Excellence

The candidate will be expected to leverage strong subject matter experience across IAM domains, such as Identity Governance Administration (IGA) and Privileged Access Management (PAM), to define and drive client IAM remediation plans in response to regulatory requirements or cyber risk. This will include harnessing a strong understanding of IAM solutions (SailPoint, CyberArk etc) to develop, articulate and manage robust technical implementation plans.

Impact, Risk, Accountability & Governance:

The role will include engagement management of small to medium sized IAM strategy or review engagements and or governance across workstreams of broader large IAM transformation programmes. The role will exist in the Sectors Cyber capability and will require experience in KPMG’s Powered Cyber/IAM methodologies.

Collaboration & Capability Development

The candidate will be expected to develop their internal and external network and foster collaboration with adjacent KPMG teams to create multi-disciplinary IAM remediation methodologies.