Manager Information Security - Provisioning

What you will do

Lets do this. Lets change the world. In this vital role you will be responsible for the oversight and hands-on leadership of the Provisioning area within Digital Identity Access Services (DIAS) team across the CDT (Cybersecurity & Digital Trust) organization. This role involves developing, implementing, maintaining, and updating IAM strategies, policies, and procedures to ensure the security and integrity of our systems and data. The ideal candidate will have extensive experience in IAM, a deep understanding of security standard methodologies, and the ability to lead a team in a dynamic, global environment. This role involves overseeing the provisioning team, managing risk, and ensuring compliance with relevant regulations and standards. The ideal candidate has strong leadership skills, in-depth knowledge of cybersecurity practices, and experience in managing large-scale security programs.

Roles & Responsibilities:

• Develop and maintain the Provisioning standards and architecture, ensuring that it meets industry standards and best practices
• Assess and select IAM technologies and tools that align with Amgens Provisioning strategy
• Lead the information security team, providing guidance, support, and mentoring to ensure the effectiveness of security operations
• Develop and implement the IAM (Identity Access Management) strategy aligned with the organization's information security goals and regulatory requirements.
• Lead the design, implementation, and management of IAM solutions, including identity governance, access management, and privileged access management.
• Create, implement, and maintain IAM policies, standards, and procedures to manage user identities and access rights.
• Oversee the user onboarding and offboarding processes, ensuring appropriate access levels are granted and revoked in a timely manner.
• Design and enforce access control mechanisms, including role-based access control (RBAC), to safeguard sensitive information.
• Conduct regular audits of user access rights and IAM processes to ensure compliance with internal policies and external regulations (e.g., GXP, SOX).
• Manage IAM-related security incidents and vulnerabilities, coordinating with IT security teams to mitigate risks.
• Know the latest with industry trends, emerging threats, and standard methodologies in IAM.
• Collaborate with IT and security teams to integrate IAM solutions with other security and business systems.
• Develop and maintain key performance indicators (KPIs) to track provisioning metrics and generate regular reports for management.
• Work closely with IT, HR, and other departments to align IAM strategies with business objectives and operational needs.
• Evaluate and implement IAM tools and technologies to enhance security and streamline processes.
• Participate in vendor proposals, contract negotiations/renewals.
• This role on occasion might have responsibilities outside of business hours.
• Travel: International and/or domestic travel up to 10% may be essential.

What we expect of you

We are all different, yet we all use our unique contributions to serve patients.

Basic Qualifications:

• Masters degree with 4 years of experience related field OR
• Bachelors degree with 6 of experience in related field OR
• Diploma with 8 years of experience in or related field
• Strong knowledge of Identity and Access and Role Management applications (IBM ISIM, IBM IGI, SailPoint IdentityIIQ, ForgeRock, Saviynt, CIAM, Microsoft Identity Manager)
• Familiarity with security standards and regulations (e.g., NIST, ISO 27001).
• Experience with IAM tools (e.g., Okta, Microsoft Azure AD, SailPoint, IBM ISIM/ISIQ).

Preferred Qualifications:

• Experience with managing systems in a federally regulated environment with experience in compliance and regulations such as FDA/SOX, GxP, Privacy
• Proficiency in scripting and automation (e.g., Python, Bash) is a plus
• Understanding of identity federation concepts and implementation.
• Experience with RESTful APIs for integrating IAM solutions with other systems.

Professional Certifications

• CompTIA Security+ (preferred)
• Cloud Identity or Security Certification (preferred)
• SailPoint Certification (preferred)

Soft Skills:

• Excellent analytical and problem solving skills
• Strong verbal and written communication skills
• Ability to work effectively with global, virtual teams
• High degree of initiative and self-motivation
• Ability to manage multiple priorities successfully
• Team oriented, with a focus on achieving team goals
• Strong presentation and public speaking skills