The IT Security Architect - Identity Governance and Administration will be part of the Cybersecurity team responsible for Identity and Access Management organization. He/She will assist in the execution of the strategy, future direction, and product roadmap delivery for BHGEs IAM technology solutions.
As any IT Security Architect - Identity Governance and Administration, the candidate will work with Digital Technology (DT), Business Units (BU), and cross functional teams to integrate applications into Active Directory (including Azure), Access Manager (Saviynt, SailPoint or similar tools), PAM (CyberArk or similar tools) and other IAM technologies.
As part of the Identity and Access management team, you will collaborate closely with the various Security and Information Technology teams globally to ensure that they have what is needed to protect the enterprise, and that best practices are implemented uniformly across the company.
To help create secure, standardized and automated Identity and Access Management solution, the ideal candidate will have prior proven experience with Identity & Access Management systems and be familiar with the entire lifecycle (joiner, mover, leavers) of logical access management for internal and external users across various platforms, databases, privileged access, reconciliation, cloud and integration with credential stores.
In this role IT Security Architect - Identity Governance and Administration, you will:
- Strong knowledge on IAM design principles, design patterns and architectural frameworks
- Define architecture diagrams for core Identity and Access Management solution and design interface to multiple upstream and downstream systems
- Have a comprehensive, in-depth understanding of complex and highly technical Identity & Access Management concepts and principles of Cyber Security
- Strong knowledge of security concepts in technologies that intersect with Identity Management
- Develop code in Java, SQL, PL-SQL or other standard scripting languages as required for to extend functionality on Identity and Access Management product
- Evaluate different design options for Identity and Access Management product solution implementation. Analyze configuration vs customization decisions and finalize technical decisions for product functionality roadmap.
- Coach and mentor new team members in specific technology or process area
- Have good communication and presentation skills to convey technical solution and challenges to cross functional business team members and leadership team.
- Provide content and deliver status updates for key stakeholders, including but not limited to, Compliance Risk and Cyber Security Leadership team, Product leaders, DT Control Owners
- Define and document functional and technical requirements for integrating new or existing IAM platforms including provisioning, de-provisioning and integration of applications for authentication
- Develop trusted relationships and maintain an effective network across BHGE DT organization to ensure alignment and drive a One BHGE approach
- Bachelors Degree in Information Technology, Computer Science or STEM Majors (Science, Technology, Engineering and Math) from an accredited college or university
- Minimum 10 years of experience in Identity and Access Management and / or Cyber Security
- Travel less than 25% of the time, as required
- Must be willing to work out of an office located in Houston, TX
- Experience with an Identify Manager platform: Saviynt, SailPoint, Oracle IdM, etc.
- Experience with Directory servers: Unbound ID / Ping, CA, Radiant Logic, Oracle Metadirectory
- Experience in the following areas: Identity Management, Access Management, Role Based Access Control, User Access Certification
- Experience in administration, installation and troubleshooting of IAM solution in an enterprise environment
- Experience in maintaining an access management / SSO system in a large, complex organization
- Experience in standard operating procedures to perform IAM pre and post production support activities
- Good knowledge of best practices in IAM systems design and maintenance
- Understanding of custom changes to IAM platforms like O.
- Extensive knowledge and skills in maintaining an access management / SSO system in a large, complex organization
- Experience in managing deployments of an IAM platform (i.e.: Oracle IdM, SailPoint IdentityIQ or Saviynt)
- Experience with role mining, role-based access control and access certification with Oracle IdM, SailPoint IdentityIQ or Saviynt
- Experience with an Application / Web Server: WebSphere, Jboss, WebLogic, Tomcat
- Languages: Java, SQL Queries, Scripting languages, Stored procedures
- Web Technologies: HTML, XML
- Operating Systems: Windows 2008 / 2012, Unix, Solaris
- Tools: VMware Workstation, LDAP Browser, SQL Developer
- Oracle Database: 10g / 11g, MS-SQL Server 2005 / 2008
- Experience working in a global organization
- Ability to work in a dynamic, fast paced environment