IAM Architect

Req ID:482643 

At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, more than 80 000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.

Job Title: IAM Architect

OVERALL PURPOSE OF THE ROLE:

Take on a new challenge and apply your comprehensive IAM knowledge in a new cutting-edge field. You’ll work alongside innovative, supportive, and solution-driven teammates. You'll spearhead the development and governance of identity and access management, ensuring alignment with our IAM security policy. Day-to-day, you’ll work closely with teams across the business (HR, Sourcing, Master Data managers, IS&T, business representatives), design IAM mechanisms and tools, and lead the functional and technical roadmap.

Organisation structure (job belongs to..)

Digital Services

 Reports directly to:

Identity & Access Lead Architect

Roles and Responsibility:

The IAM Architect has under his responsibility:

• • Collaborating on the definition of IAM standards
  • Validating architecture against Security Policy
  • Enhancing the global IAM architecture
  • Supporting security aspects of IT projects related to IAM
  • Perform Technical review and Impact assessment for all changes and new requirement. Update the design document and maintain
  • Support level 5 – expertise – for IAM platforms and topics
  • Ensure critical applications are well integrated with the good level of IAM control and governance ( access review, good approval workflow) based on policy and instruction.
  • Contribute & validate new security solutions like B2B Operations and B2B SSO in IAM.
  • PAM architecture & domain expertise
  • Collaborate and support for troubleshooting and manage issues related to identities, authentication/authorization and access permissions. 
  • Able to analyse risks and to design an appropriate IAM security pattern (provisioning, habitation workflow, authentication, master data authorities, segregation of duty, Privileged Access Management, federation)
  • You’ll specifically take care of coordinating with stakeholders on IAM Architecture topics, managing identity lifecycle processes, and working with external/internal resources to support the Alstom IAM program.
  • Recommend solutions for complex operational problems & implement industry best practices

• The IAM Architect would  contribute actively to the security aspects related to IAM in Alstom’s IT projects
  • ISSCQ – produce all Information System Security and Compliance Questionnaire at the initial phase of all projects
  • Risk analysis – perform risk analysis and identify mitigation plan when relevant
  • Security Acceptance –make the right decision considering the residual risk and the asset value

Experience

We value passion and attitude over experience. That’s why we don’t expect you to have every single skill. Instead, we’ve listed some that we think will help you succeed and grow in this role:

• Bachelor’s/Master’s degree in Engineering/Technology or related field
• Overall 10+years of work experience, 4-5 years of experience in IAM architecture/security activities, with an IT Security background
• Expertise in IAM concepts and architecture
• Knowledge of ISO 27002 and ISO 27005 standards
• Professional industry standard certifications like CISSP, CISA, CEH, GIAC, CISM, etc. will be an added advantage
• Experience on IAM solutions within Saviynt AAG, Microsoft Azure or other IAG solution
• Experience on PAM (Privilege Access Management) solutions (eg Cyberark, BeyondTrust)
• Subject-matter expertise across all IAM topics as it relates to both cloud and on-premises enterprise technology, and the relationship between the architectures.
• Professional & concise communication (written & verbal)

Technical Competencies:

• Experience on operations IAM solutions: Level 3                                         
• Experience on IAM solutions within Saviynt AAG, Microsoft Azure or other IAG solution: Level 3
• Very Good understanding of Identity & access governance, Multi-Factor authentication and Privileged Access Management: Level 4                                                                             
• Good understanding on technologies related to Identity and access management, such as e.g. API ,AD,LDAP,SQL : Level 4
• Intimately familiar with IAM functional process and design (SOD, Workflow approval, MFA,..) : Level 4
• Good understanding on functional concept of Identity and access management (workflows, SOD, recertification access, provisioning, auto-correlation access, …): Level 4
• Very good understanding on security IAM principals and design (e.g network, ) Level 4
• 2-3 years of IAM Saviynt software experience is appreciated: Level 2

Behavioural Attributes

• Ability to work global with functional as well as technical teams in a dynamic environment
• Eye for details, structured and process oriented
• Demonstrated drive for continuous learning, results-orientation, and teamwork
• Influence stakeholders for improving and sustaining performance
• Demonstrate a positive mindset, high levels of character and integrity, and a keen awareness of continuous improvement
• Advise and collaborate with others to develop strong, positive working relationships across all levels of the organization to drive success of projects and efforts
• Offer creative, innovative, data-based solutions by focusing on forward progress and creativity, even when working through complex, often competing needs.

You don’t need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you’ll be proud. If you’re up for the challenge, we’d love to hear from you!

Important to note

As a global business, we’re an equal-opportunity employer that celebrates diversity across the 63  countries we operate in. We’re committed to creating an inclusive workplace for everyone.