Identity & Access Management Director

England, United Kingdom

As a pioneer of the sharing economy, Brambles/CHEP is one of the world’s most sustainable logistics businesses and our culture is reflective of our people, our purpose, the experience people bring, and the experiences they have. We operate in 60 countries, with over 12,000 people and 123 different nationalities.

As Brambles/CHEP continues its transformation journey into shaping the future of IAM capabilities, our next IAM Director will establish the foundation for which the company will operate from for Identity and Access Management in the future!

* Flexible location *

Position Purpose

Responsible for the planning, building, delivery, and support of the Identity and Access Management (IAM) program for both Brambles enterprise users and customer facing services. This encompasses a wide range of current systems and solutions managed by disparate teams, against various standards and approaches in which this leader will work to consolidate, update, and ensure best practices and standards are introduced and/or reinforced to drive the reduction in risk and improved operational excellence against these critical applications and processes for company operations.

Provide technical insight, architectural vision, executional delivery and leadership buy in for the direction and guidance to the development, specifications, and communications of IAM applications and architecture, as well as provide in-depth technical consultation to the business units and IT management.

Drive initiatives to transform IAM provisioning and lifecycle management, leveraging self-service and automation capabilities to enable a frictionless user experience. Knowledgeable of Information Security best practices and regulatory and compliance requirements that impact security for the enterprise: HIPAA, HITECH, PCI, NIST Cybersecurity Framework, NIST 800-53, ISO 27001, HITRUST, and other relevant privacy and security frameworks.

Drive a unified IAM approach and maintain an integrated program role-based access control, single sign-on, multifactor authentication, account federation, identity lifecycle, birthright access, access certifications and group management. The leader will build and seek cross functional, cross regional, and Executive buy in for program support, funding, and prioritization.

Take the lead on the IAM portfolio for customer facing systems and applications, ensuring that distinct, appropriate IAM strategies and controls are designed and deployed, including federation with customer systems where appropriate, in consultation with Brambles’ other customer facing areas.

Responsible for leading broader IAM programs, such as PKI and certificate management, encryption, Privileged Access Management, IDAM, and CASB for the enterprise.

Major / Key Accountabilities

Deliver excellence in IAM cyber security across the Brambles enterprise.

Lead transformational change across the enterprise IAM space, consolidating and integrating disparate systems and processes into a fully capable service delivery model for Brambles employee identities, and customer identities alike.

Influence multiple stakeholders and key leaders to support, align to, and embrace the changes required to positively impact IAM transformation across the enterprise, in an environment that might be resistant to change.

Define the programs and gain support for the design and execution of future state IAM capabilities for the company, transforming legacy applications and processes into a future ready state that delivers customer value, improved security, seamless integration, and improved speed to delivery across all Brambles development and system management.

Facilitate the use of technology-based tools or methodologies to review, design and/or implement products and services to provide a strong IAM program that balances access and usability with business, compliance, security, and privacy requirements.

Align IAM processes across the organization, and develop and document standards and policies for organizational use.

Identify and evaluate complex business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement.

Identify the broader impact of architectural decisions related to user access, data access and information security.

Lead the selection process for IAM tooling, evaluate existing and emerging technologies and tools in the selection of IAM service offerings for the business units while at the same time building the business cases and gaining buy in for the adoption of these solutions.

Create both short- and long-term enterprise IAM roadmaps, prioritize and manage programs and projects.

Develop, present, and manage IAM metrics to continuously measure and improve the IAM program.

Work with other teams on effectively integrating IAM with diverse applications to achieve stronger and more consistent security and user experience.

Managed the IAM budget, roadmap, and end to end delivery of IAM as a service.

Manage the process of hiring, developing, and empowering the team that supports a wide range of IAM infrastructure such as Single Sign On, Consolidate Directory Services Network (CDSN), Federated Identity (aka SAML), PKI infrastructure and tools, Extended Authentication Services, Strong Authentication, among other areas.

Qualifications

Essential

10+ years of experience in information security, including 5+ years in a technical IAM leadership role.

Must demonstrate knowledge of modern identity management protocols across multiple domain expertise areas (AD, PKI and certificates, encryption, SSO/MFA, PAM, etc), as well as the ability to learn new ways of thinking and technologies (e.g., Zero Trust, Mitre ATT&CK).

Expert understanding of IAM concepts, including federation, authentication, authorization, access controls, access control attacks, identity, and access provisioning life cycle.

Solid understanding of the foundation and trends in Information Technology, Information Security, Risk Management, Governance, and Compliance.

Demonstrated project management, organization, and facilitation skills.

Experience with administering IAM technologies, such as SailPoint, CyberArk or other Privileged Access Management platforms, AWS IAM, SAML 2.0, Azure AD, Kerberos, OpenID Connect, OAuth, and federated identity management.

Ability to think strategically, identify and understand how business/clinical needs translate into strategic directions, plans and solutions.

Excellent problem-solving and decision-making skills.

Ability to communicate clearly to several levels of management (including executive management), across various business units in the organization.

Ability to adapt communication to a wide range of technical, functional, and cultural backgrounds.

Able to think and operate independently with limited guidance.

Ability to gain alignment across disparate come from states for consolidation and centralization onto unified IAM platforms.

Desirable

Relevant certifications, such as CISSP, CISM, or GIAC are preferred.

Experience with Okta, Azure AD, PKI, and PAM solutions preferred.

Experience working in a manufacturing environment, preferred.

Experience with global security and privacy standards and regulations such as GDPR and CCPA is a plus.

Experience with ISO/IEC 27001, NIST CSF standards.

Global company experience.

Experience

Progressive leadership roles and relevant experience as a team lead in various Information and Cyber security disciplines supporting company information security departments.

Ability to lead transformational change and develop and drive large complex programs across the enterprise.

Technical expertise in multiple IAM domain spaces such as AD, SSO/MFA, PKI and certificates, PAM, and Identity and Entitlements.

Leading high-performance global teams.

Demonstrated mastery in IAM security platforms and processes.

Demonstrated awareness of the lifecycle of cybersecurity threats, attack vectors, and methods of exploitation with an understanding of intrusion tactics, techniques, and procedures (TTPs).

Technical understanding of core IAM technologies as well as emerging capabilities.

Leadership experience creating, building, and maintaining strong teams, particularly in a cybersecurity environment.

Experience conducting risk assessments.

Experience working with on-prem and SAAS technology security platforms and applications.

Essential Languages

English

We are an Equal Opportunity Employer and we are committed to developing a diverse workforce in which everyone is treated fairly, with respect, and has the opportunity to contribute to business success while realizing his or her potential. This means harnessing the unique skills and experience that each individual brings and we do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state, or local protected class.

Individuals fraudulently misrepresenting themselves as Brambles or CHEP representatives have scheduled interviews and offered fraudulent employment opportunities with the intent to commit identity theft or solicit money. Brambles and CHEP never conduct interviews via online chat or request money as a term of employment. If you have a question as to the legitimacy of an interview or job offer, please contact us at [email protected].

As an inclusive employer, Brambles wants to see every candidate performing at their best throughout the job application process, interview process and whilst at work. We therefore encourage you to inform your Talent Acquisition Partner of any reasonable adjustments you might need to enable this to happen.