Global Head of Identity and Access Management
Location: Denver, CO
You will be responsible for managing global identity, access and authentication services. You will establish access control governance and strategy. You will supervise enterprise teams that support provisioning and deprovisioning services. You will build and implement policies and controls to manage access and recertify access within the enterprise. You will also be responsible for managing personnel who maintain access recertification services. You will manage information technology (IT) security initiatives related to regulatory compliance, audit compliance and identity management. Additionally, you will report to management the effectiveness of security controls and makes recommendations for new procedures.

Duties and Responsibilities

• You will develop and communicate an overall, company-wide access management strategy to identify and protect critical information and accessibility on the computer network.
  
• You will work with IT Architects to define the companyâ??s identity management architecture.
  
• You will provide technical guidance on Identity Management systems and processes.
  
• You will develop, implement and maintain security policies and procedures.
  
• You will work to develop risk based frameworks to manage access provisioning/deprovisioning and recertification.
  
• You will collaborate with IT management to facilitate and coordinate adoption and implementation of appropriate security controls.
  
• You will lead a team to provide access management and access recertification services as well as to provide access governance for Sarbanes-Oxley regulated systems.
  
• You will coordinate to provide information for internal and external audits related to access management and other security controls. You will work with audit to provide information for SOX compliance and produce information for SOC1 reports.
  
• Your team will provide SAP security expertise.
  
• You will lead initiatives to resolve open audit and security issues and to implement new security processes and technologies.
  
• You will coordinate appropriate and timely communications on meaningful security topics and issues.
  
• You will collaborate with the operational security teams to provide to the overall security program.
  
• You will carry out additional duties as assigned

Supervisory Responsibilities

• You will lead individuals from the access management and access governance team.
  
• You will plan, allocate and monitor work and makes decisions regarding employment, performance appraisal, training, salary adjustments and related personnel actions.
  

You will have:

• Strong leadership, management and team-building skills.
  
• Excellent written and verbal communications skills and strong interpersonal skills required.
  
• Business case development skills for developing budgets, cost/benefit, and total cost of ownership.
  
• Proven ability to develop a team of individuals.
  
• Advanced knowledge of identity management and directory services concepts and standard methodologies including development of roles and groups.
  
• Practical knowledge of Active Directory. Knowledge of Sailpoint is helpful. Knowledge of SAP preferred. Experience with ServiceNow.
  
• Knowledge of computing architectures, data and telecommunications architectures, computing hardware and operating systems, telecommunications and network hardware and protocols, firewalls, and Internet technology and how they interrelate with access management.
  
• Experience with active Directory Federation Services, Group Policy Objects and Lightweight Directory Access Protocol. System Administration, Security Assertion Markup Language (SAML), PowerShell, web services and Extensive Markup Language (XML).
  
• Advanced knowledge of security concepts, best practices, policies, and guidelines as applied to access management.
  
• Deep Understanding of Identity Management Frameworks as defined by best practice organizations.
  
• Knowledge of Auditing Frameworks used for access control and access governance such as CoBIT.
  
• Knowledge of standard security frameworks, such as NIST or the ISO 27000 series.
  
• Strong Understanding of regulatory frameworks, including Sarbanes â?? Oxley.
  
• Knowledge of identity and access management frameworks as applied to maintain regulatory compliance, including Sarbanes-Oxley.