Assistant Director - Identity and Access Management
About the Opportunity
Northeastern University is seeking an Assistant Director, to support and enhance our Identity and Access Management (IAM) Program within a complex business environment. The ideal candidate delivers the best user experience while balancing application and Cybersecurity requirements. The IAM Assistant Director will report to the Director of Information Security and Identity Management Services, under the Office of Information Security (OIS) which is within the University’s Technology organization.
The Assistant Director of IAM plays a critical role in support of the design and execution of IAM roadmap and strategy. Leveraging key technologies and best practices, the IAM Leader will work collaboratively with IT solution teams to integrate identity management solutions that improve our security posture while equally improving faculty, staff, and student experience.
The ideal candidate will be experienced in leading and coordinating team efforts to manage operational tasks and key projects which continue to mature the Identity and Access Management Services for the Global University community. They will act as a champion and change agent providing security consulting services that address desired business outcomes, identifying changes needed to secure our environments, and add value to the user experience. They must be adaptable and comfortable in an environment that thrives on innovation, flexibility and creativity and ensure that the university is developing the technology and processes that are agile and sustainable to meet the expansion strategy of the University.
Applicants must be authorized to work in the United States. This position will not be sponsored for a work visa.
Minimum seven years of recent Identity and Access Management experience with an Expert-level understanding of IAM principles, best practices, and processes.
Bachelor's Degree from an accredited college or university or equivalent work experience
In-depth understanding of authentication, authorization, role-based access, least privilege and segregation of duties access control concepts
Ability to lead product and vendor interactions regarding identities, access, accounts, authentication, authorization, and governance.
Service mindset approach, and the ability to act as a trusted advisor.
Ability to quickly evaluate complex issues and identify multiple options for resolution as well as influence without direct responsibility/control and to bring groups to consensus.
Organized, flexible and able to manage multiple challenging projects simultaneously in a fast-paced work setting.
Active participation in the Identity and Access Industry, equipped with external networking relationships to maintain relevant knowledge of best practices, tactics, strategies and technologies.
Excellent understanding of Active Directory, Azure AD, MFA, SAML/oAuth
Experience with data integration services, APIs and relational databases
Experience with security standards and frameworks such as CMMC, NIST, FedRamp, FISMA, (DFARS), coordinating initiatives for obtaining security related assurances or certification, including process control design and testing.
Minimum of three years of management experience, with emphasis on growing and mentoring direct reports and the ability to establish strategy and objectives and set clear expectations.
High level of knowledge regarding Project Management methodologies, and practices (Agile/Scrum), including program roadmap development, and assuring that deliverables are measurable, tracked and successfully achieved.
Working experience as a member of an Agile solution delivery teams
Familiar with IAM-influenced compliance controls related to regulatory frameworks such as Privacy, FERPA.
Skill in fostering strong, collaborative relationships throughout all levels of the University and within the direct team which they are managing.
Information security related training or certifications, such as CISA, CISSP, CCSK, CIPP, or CRISC preferred.
Familiarity with federal and state legal regulatory requirements related to information security and privacy including GDPR (General Data Protection Regulations), FERPA (Family Educational Privacy Rights Act), and CCPA (California Consumer Privacy Act).
Familiarity with tracking projects and operational tickets/incidents in ServiceNow.
Key Responsibilities & Accountabilities
Work with stakeholders, across technical functions, and our customers to deliver on our technical roadmap for core IAM capabilities.
Define and execute projects, policies, and procedures related to IAM solutions.
Provide recommendations and guidance on identity, governance, and privileged access solutions to support our global functions and help member firms meet their identity needs.
Collaborate with peer product management groups, operations, global functions, and member firms to help them take full advantage of the latest authentication/authorization protocols and privileged access processes.
Work both independently and direct reports to perform tasks required to ensure customer satisfaction and departmental SLAs are achieved
Acts as a change agent for improvement of IAM maturity and practices, in support of ITS and University goals and strategy.
Sets and accomplishes challenging goals for themselves and their direct reports.
Monitor daily departmental activities and the supervision of Information Security staff, including performance reviews and ongoing professional development coaching for their direct reports.
Position TypeGeneral Administration
Northeastern University considers factors such as candidate work experience, education and skills when extending an offer.
Northeastern has a comprehensive benefits package for benefit eligible employees. This includes medical, vision, dental, paid time off, tuition assistance, wellness & life, retirement- as well as commuting & transportation. Visit https://hr.northeastern.edu/benefits/ for more information.
Northeastern University is an equal opportunity employer, seeking to recruit and support a broadly diverse community of faculty and staff. Northeastern values and celebrates diversity in all its forms and strives to foster an inclusive culture built on respect that affirms inter-group relations and builds cohesion.
All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, religion, color, national origin, age, sex, sexual orientation, disability status, or any other characteristic protected by applicable law.
To learn more about Northeastern University’s commitment and support of diversity and inclusion, please see www.northeastern.edu/diversity.