Top Skills' Details CISSP, CISM, CRISC, or Certified Identity and Access Manager (CIAM), IAM risk assessment Description The IAM Risk Oversight Lead is responsible for ensuring that the organization's Identity and Access Management (IAM) practices adhere to regulatory requirements, internal policies, and risk management standards. This role provides oversight, risk assessment, and strategic guidance to mitigate identity-related risks while supporting secure and efficient access to critical systems and data. ________________________________________ Key Responsibilities 1. Risk Assessment and Oversight • Identify, assess, and oversee IAM risks, including access provisioning, de-provisioning, privilege escalation, and access control gaps or weaknesses. • Conduct risk assessments for IAM policy, processes, tools, and systems, recommending risk mitigation strategies. • Monitor IAM activities to ensure compliance with industry regulations (e.g., SOX, GDPR, HIPAA) and organizational policies. • Develop and maintain a risk register for IAM-related threats and vulnerabilities. 2. Policy and Governance • Establish and enforce IAM policies, standards, and guidelines to ensure effective risk management. • Collaborate with stakeholders to align IAM practices with broader cybersecurity and governance frameworks. • Perform periodic reviews of access control policies and privileges to ensure they align with the principle of least privilege and segregation of duties. 3. IAM Controls and Monitoring • Evaluate the design and effectiveness of IAM controls, ensuring they adequately mitigate access risks. • Implement key risk indicators (KRIs) for IAM and produce reports for leadership on IAM-related risks and trends. • Oversee periodic access certifications and reviews, ensuring that access to critical systems is appropriate and timely. 4. Collaboration and Communication • Work closely with IAM teams, IT, internal audit, and compliance teams to address findings and ensure timely risk remediation. • Provide risk-based recommendations to enhance IAM systems, processes, and technologies. • Serve as the IAM risk subject matter expert (SME) for regulatory audits and internal assessments. 5. Awareness and Training • Develop and deliver IAM risk awareness training for stakeholders, emphasizing access management responsibilities and risk implications. • Stay updated on emerging IAM risks, technologies, and best practices to inform risk management strategies. ________________________________________ Qualifications Education • Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, or a related field. • Master’s degree preferred. Experience • 8+ years of experience in Identity and Access Management, Information Security, or Risk Management. • Strong experience in assessing IAM risks within complex IT environments, including cloud-based systems. Skills and Certifications • Certifications such as CISSP, CISM, CRISC, or Certified Identity and Access Manager (CIAM) are preferred. • Solid understanding of IAM technologies (e.g., Active Directory, SSO, MFA, PAM tools). • Familiarity with regulatory frameworks and standards like NIST, ISO 27001, COBIT, and SOC 2. • Excellent analytical, problem-solving, and communication skills. • Proficiency in IAM monitoring and reporting tools, as well as GRC platforms. ________________________________________ Key Competencies • Risk Management Expertise: Ability to identify, assess, and prioritize IAM-related risks effectively. Must understand risk management from a second line perspective. • Self-starter: Motivated to learn, ask questions, and execute work • Expert: Teams, Outlook, Excel, PowerPoint • Strategic Thinking: Capability to align IAM processes with organizational goals and regulatory requirements. • Collaboration: Work effectively across teams to ensure cohesive risk oversight practices. • Attention to Detail: High level of accuracy in monitoring, reporting, and assessing risks. Skills IAM, CIAM, risk management, financial services, risk assessment Top Skills Details IAM,CIAM,risk management,financial services,risk assessment Additional Skills & Qualifications Must haves: Risk Management Expertise: Ability to identify, assess, and prioritize IAM-related risks effectively. Must understand risk management from a second line perspective. IAM risk assessment experience including familiarity with IAM controls (i.e. joiner, mover, leaver etc) One relevant professional certificate (i.e. CISSP, CISA, CRISC, CISM, CIAM, etc) Ability to come in the CLT (Uptown) or MN office 2 days a week. Ability to operate independently (with minimal oversight) and lead engagements (more specifically management relationships with FL and 2nd line) Ability to communicate effectively verbally (i.e. lead meetings with various organizational levels in Front Line and 2nd line, provide internal project status updates) and in writing (i.e. assessment/audit reports) Operational knowledge in O365 (i.e. Teams, Outlook, Excel, Word). Nice to haves: Big four experience (i.e. PwC, KPMG, Deloitte, EY) – ++ IAM technical experience (i.e. familiar with SailPoint, CyberArk, etc) Bachelor’s/Master’s degree degree in Cybersecurity, Information Technology, Risk Management, or a related field. Experience Level Expert Level Pay and Benefits The pay range for this position is $60.00 - $80.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: • Medical, dental & vision• Critical Illness, Accident, and Hospital• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available• Life Insurance (Voluntary Life & AD&D for the employee and dependents)• Short and long-term disability• Health Spending Account (HSA)• Transportation benefits• Employee Assistance Program• Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type This is a hybrid position in Charlotte,NC. Application Deadline This position is anticipated to close on Feb 22, 2025. About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.