Identity and Access Management (IAM) Architect

Bank of America - Annandale, VA

Full-time
Job Description:
The Cyber Security Technology (CST) function within Global Information Security (GIS) is responsible for technology research and innovation, architecture, engineering, solutions development and deployment, maintenance and support of information technology security controls, along with strategic plan development across the GIS organization. This position is for an Architect who specializes in Identity and Access Management (IAM) technologies. Must be able to meet demands of working across multiple work streams, communicate effectively with senior technology leaders and business partners. Organized evidence of compliance and producing documentation will also be key to this role. Tight coordination with the infrastructure technology organization will also be required.

Key Responsibilities:
  • Define, document, and publicize strategic roadmap for various IAM technology stacks
  • Influence stakeholders to ensure alignment & effective prioritization of product roadmaps in relation to IAM strategy
  • Continuously follow and evaluate IAM technology landscape (market/best practice) for gap/opportunity development
  • Bridge the gap between various development teams designing solutions and business partners to fully understand their requirements
  • Define enterprise wide standards and policies in respect to emerging technologies and provide the control framework to ensure adherence
Required Job Skills:
  • Strong understanding of existing (LDAP, SAML, WS-*, Kerberos) and emerging (OAuth, OpenID Connect, SCIM, FIDO) industry protocols which shape the authentication and identity landscape
  • Experience with authentication concepts (Multi-Factor Authentication, Adaptive/Contextual Authentication, Risk-Based Authentication) and the supporting strong authentication technologies (FIDO U2F/UAF/FIDO2, Hard Tokens, Soft Tokens, Biometrics)
Familiarity with IAM vendor landscape and experience with defining stakeholder requirements and performing assessment.
  • Experience with directory server technology and concepts.
  • Prior experience doing product evaluations and documenting requirements for emerging technologies
  • Understanding of API design concepts and modern application interaction patterns
  • Knowledge across the technology stack such as web protocols, multiple operating systems, hypervisors and distributed systems architecture.
  • Proficient in both Windows and Midrange platforms
  • Familiarity with deployments and integrations patterns in regards to IAM solutions within the cloud (Azure or AWS)
  • Experience deploying large-scale, global projects and programs
  • Familiarity with IT security and risk management practices
Desired Job Skills:
  • 5+ years working in Information Technology
  • 3+ years working in Identity & Access Management
  • 3+ years of experience with attribute and role based access controls
  • Understanding of financial services regulatory and legal environment
Education/Certification:
  • CISSP Certification desired
  • Bachelor's degree in Information Technology or related field
Enterprise Role Overview - As an experienced professional, provide advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Coordinates the reporting data security incidents. Provides technical support to the client and management and staff in risk assessments and implementation of appropriate data security procedures and products. Monitors existing and proposed security standard setting groups. State and Federal legislation and regulations. Identifies and escalates changes that will affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience.

Shift:
1st shift (United States of America)

Hours Per Week:
40