Purpose of the job
Reporting directly to the head of Security governance and risk management, the IAM Architect leads the Global Alstom IT strategy in terms of identity and access management.
He or she is in charge of developing and leading the governance of identities and accesses, in compliance with the IAM security policy at group level. This includes the definition of global processes to manage the lifecycle of users’ accounts and identity in the IT landscape.
He coordinates and gather relevant stakeholders around IAM topics, including but not limited to HR, Sourcing, Master Data managers, IS&T, business representatives.
He designs the appropriate IAM mechanisms and tools to be implemented within the Alstom Information System and is in charge of leading the functional and technical roadmap.
He leads the external resources team supporting Alstom IAM program and ensure the relation with external parties with the support of sourcing and legal teams.

Main responsabilities
The IAM architect is solution owner for some specific Security Solutions under his responsibility
IAM standards
Architecture validation, against Security Policy
Governance of identities and accesses
Support level 3 – expertise – for IAM platforms and topics
The IAM lead architect follows and validates the security aspects related to IAM in Alstom’s IT projects
ISSCQ – produce all Information System Security and Compliance Questionnaire at the initial phase of all projects
Risk analysis – perform risk analysis and identify mitigation plan when relevant
Security Insurance Plan –make sure that all IT partners/providers respect the IAM policy when they deliver services (e.g. Cloud or SaaS provider)
Security Acceptance –make the right decision considering the residual risk and the asset value
ISS Run Q&A and industrialization
Qualification & Competencies – Expected Level

Qualification:
(to be filled for Job offer)
Initial Background: an IAM leader having 10 years of experience in IAM Security activities, ideally with an architecture background in IT Security
Languages: English (mandatory)
, French (optional)

Mandatory experiences:
IAM concepts
IAM Architecture
Security background
Excellent written/verbal/communication, listening and facilitation skills
Able to analyze risks and to design an appropriate IAM security pattern (provisioning, habilitation workflow, authentication, master data authorities, segregation of duty, Privileged Access Management, federation)
Subject-matter expertise across all IAM topics as it relates to both cloud and on-premises enterprise technology, and the relationship between the architectures.
Drive the adoption of Authentication and Authorization reference architectures for existing, new and emerging IAM technologies.
Develop effective architecture solutions that not only satisfy immediate project requirements but also deliver a coherent, reusable, reliable and phased architecture to help the business grow and change while aligning IAM security policy.
Risk analysis
Knowledge of ISO 27002 and ISO 27005
Competencies (only for Job description)
Technical Competencies (max 20)

Experience architecting IAM solutions: Level 4
Experience on IAM solutions within Saviynt AAG, Microsoft Azure or other IAG solution: Level 3
Very Good understanding of Identity & access governance, Multi-Factor authentication and Privileged Access Management: Level 4
Good understanding on technologies related to Identity and access management, such as e.g. API ,AD,LDAP,SQL : Level 4
Intimately familiar with IAM related protocols such as SAML, SCIM, SPML, XACML, OpenID and OAuth : Level 4
Good understanding on functional concept of Identity and access management (workflows, SOD, recertification access, provisioning, auto-correlation access, …): Level 4
Good understanding on IT architecture principals and design (e.g network, e.g) Level 3
2-3 years of IAM Saviynt software experience is appreciated:
Level 1

Leadership dimensions
Ability to work global with functional as well as technical teams in a dynamic environment: Level 3
Ability to drive architecture topic related, to various stakeholders (Team, Architects, Head of, VP, Business): Level 3
An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers. We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.

Click here to Apply Online