IT - Application & Software Development
Jul 21, 2019
Our client, a major Canadian consumer packaged goods company with head offices in the GTA, is seeking a Senior Director of Identity, Access and Risk Management.
The Director of Identity, Access and Risk Management is a critical role, responsible for identifying tools, technologies, teams, and identity, access and risk services. Leveraging leading technologies, the Director will work collaboratively across the enterprise to integrate the right solutions that improve our security posture while equally improve the end user experience. In the rapidly changing world of security and technology, the right candidate will focus on innovative and automated solutions to meet and exceed strict regulatory compliance requirements.
We are looking for a strong leader of people with an exceptional understanding and subject matter expertise in identity management strategies such as; Single Sign On, Multifactor Authentication, Privileged Account Management, password vaulting, role-based access, Just-in-time provisioning. This individual would also drive key risk management processes (GRC/IRM), and would own critical linkages with Internal Audit function.
This is a highly visible leadership role and the right candidate must have a customer-focused, team-oriented, approach that balances security needs and user experience to provide best-in-class solutions to the organization.
What’s in it for you?
Our client is located in the GTA West and offers a competitive compensation & employee benefits plan as well as an RRSP/Profit Sharing program.
- Leading the development of strategic vision for IDM and GRC services
- Leading a strong team of internal and external resources
- Leading portfolio of projects where team has to be involved
- Accountable for System Access process operations and governance including integration of latest trends and industry best practices
- Owner of Identity Management (IDM) and Governance, Risk and Compliance (GRC) technologies. Current systems landscape includes SAP IDM 8.0, SAP GRC 10.1 and Microsoft Active Directory
- Ensure technology environment is maintained and supported, operating in a stable and efficient manner
- Ensure technology environment is appropriately integrated to deliver necessary System Access services
- Responsible, as a member of the Change Advisory/Release Advisory Board, for the review of system change requests to assess risks, impacts and resource demands as well as confirm due diligence has been carried out prior to release of changes into the production environment
- Assess new and emerging technology for fit with the organization’s strategic goals
- Develop, communicate and continuously refine the Identity Management strategy, in alignment with organizational goals and strategic direction
- Continuously evaluate the Information Solutions (IS) project pipeline to align prioritization and allocation of resources in addition to assessing financial implications due to factors such as end user licensing demands
- Member of the CEO CFO Compliance (C3) Steering Committee, providing oversight on the compliance programs tied to Bill 198 and associated regulations (colloquially known as CSOX)
- Act as liaison between the Internal Audit & Compliance and Information Solutions functions
- Ensure Internal Audit & Compliance is kept up to date on the state of the IS project pipeline and the system landscape
- Provide support for planning and execution of internal and external audit projects where the scope includes review of systems and/or system access
- Provide support assessing and implementing systems to support the Internal Audit & Compliance functions
- 10+ years of experience in business systems analysis
- 5+ years of experience leading teams
- 5+ years of experience managing projects
- 3+ years of experience in strategy development and execution
- 3+ years of experience managing programs
- Undergraduate degree in a related discipline, eg. Computer Science, Management Information Systems or Information Science
- Working knowledge of Bill 198 and affiliated regulations
- Ability to work with a broad range of internal and external stakeholders
- Ability to quickly learn about new domains and related technologies
- Ability to develop concise business case briefs using limited information including assumptions
- Proven capability to communicate effectively with a broad range of stakeholders, including executive leadership
- Proven capability in requirements analysis/definition and design
- Proven capability in project management practices and methodologies
- Proven capability in change management practices and methodologies
- Proven capability in talent sourcing and development practices and methodologies
- Ability to establish, plan and execute strategic vision
- Ability to interact with C-level executives
- Vendor/Partner management skills
- Organization leadership skills
- Demonstrated ability and desire to take on additional scope of responsibility outside of job description
Nice to Have
- Certified Information Systems Auditor (CISA), CISSP, PMP certifications are a plus
- Knowledge of SAP landscape is a plus
- Experience in audit and/or internal control design, implementation and monitoring a plus
isgSearch is a member of the ISG Group of Companies, operating in Canada since 1990. Throughout the 1990's, ISG (Informatics Search Group) was built into one of Canada's leading search firms, and sold in 1998 to a leader in North American Recruitment & Solution Services. In 2007, the same ownership that drove ISG to success, created isgSearch with a boutique-style approach, catering to the very specific needs of hiring clients and talented professionals in the IT space.