IT Security Manager - Identity and Access Management

Location: Remote
Type: Full-Time
Department: Information Security
About Us
As the largest online distributor of restaurant supplies and equipment, WebstaurantStore, a Clark Associates company, hosts an expansive catalogue with over 430,000 products that are delivered through fast, dependable shipping, making us the internet's largest restaurant supplier. Our CAST (Clark Associates Security Team) is committed to maintaining the highest standards of security and integrity in all our applications and systems.
Job Overview
We are seeking a dynamic and experienced hands-on Identity and Access Management (IAM) Engineer to lead and enhance our organization?s IAM, Privileged Access Management (PAM), and password management programs. This role is critical to ensuring secure, efficient, and compliant access to organizational resources while supporting the adoption of a Zero Trust framework to strengthen our security posture.
You will oversee the development, implementation, and maintenance of IAM policies and technologies, fostering collaboration across teams to ensure seamless integration and operation of access management processes. Hands-on experience with Azure technologies and IAM tools is essential for success in this role. If you have a passion for access control, innovative security solutions, and mentoring a team to achieve excellence, we encourage you to apply.
Key Responsibilities
? Develop and Execute IAM Strategy: Design and implement a robust IAM strategy aligned with organizational objectives, regulatory compliance, and Zero Trust principles.
? Policy and Procedure Oversight: Establish, enforce, and continuously improve IAM, PAM, and password management policies and procedures to mitigate security risks and enhance operational efficiency.
? Technology Implementation and Management: Oversee deployment and management of IAM and PAM technologies, including tools like Active Directory, Azure AD, Okta, SailPoint, CyberArk, and Thycotic. Ensure configurations align with security and compliance standards.
? Access Management: Supervise access provisioning, modification, and de-provisioning processes using role-based access controls (RBAC) and least privilege principles. Regularly review access controls to ensure appropriate levels of access.
? Privileged Account Oversight: Manage and monitor privileged accounts, ensuring activities are logged, reviewed, and secured against misuse.
? Password Management: Implement and maintain enterprise password management solutions, adhering to stringent password policies and industry best practices.
? Access Reviews and Audits: Lead periodic access reviews and audits to detect and resolve inappropriate access while ensuring compliance with standards such as NIST 800-53, ISO/IEC 27001, and CIS Controls.
? Collaboration and Communication: Work closely with IT, HR, and cross-functional teams to ensure IAM policies and practices integrate seamlessly into organizational workflows. Present IAM strategies, risks, and audit findings effectively to stakeholders and leadership.
? Zero Trust Adoption: Lead initiatives to align IAM practices with a Zero Trust framework, including continuous verification, least privilege access, and minimizing implicit trust.
Qualifications
? Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
? Minimum 5 years of experience in IAM, PAM, or related access management roles.
? Strong knowledge of IAM frameworks, regulatory requirements, and industry best practices (e.g., NIST 800-53, ISO/IEC 27001).
? Hands-on experience with Azure technologies and IAM tools (e.g., Active Directory, Okta, SailPoint) and PAM solutions (e.g., CyberArk, Thycotic, BeyondTrust).
? Proven ability to manage and execute IAM initiatives in alignment with a Zero Trust framework.
? Excellent communication, organizational, and leadership skills.
? Relevant certifications preferred: CISSP, CISM, CIAM, GMON, Azure Administrator Associate (AZ-104), Azure Security Engineer Associate (AZ-500), or equivalent.
Skills
? Effective Communication: Proven ability to present IAM strategies, risks, and findings to stakeholders and leadership. Strong written and verbal communication skills for documenting IAM procedures and policies.
? Technical Expertise: Proficiency in IAM tools such as Azure AD, Okta, SailPoint, and Active Directory. Hands-on experience with PAM solutions like CyberArk, BeyondTrust, and Thycotic. Skilled in scripting and automation using PowerShell, Python, or similar tools.
? Industry Knowledge: In-depth understanding of IAM frameworks, regulatory requirements, and best practices (e.g., NIST 800-53, ISO/IEC 27001). Familiarity with Zero Trust principles and how they integrate into IAM strategies.
? Time and Priority Management: Ability to manage multiple IAM projects efficiently, prioritize tasks based on risk levels and business impact, and ensure timely completion of access reviews and audits.
? Leadership: Demonstrated capability to mentor and guide team members in IAM practices. Ability to take the lead on IAM initiatives and integrate policies into organizational workflows.
Remote work qualifications
? Access to a reliable and secure high-speed internet connection. Cable or fiber internet connections (at least 75mbps download/10mbps upload) are preferred, as satellite connections often cannot support the technologies used to perform day-to-day tasks.
? Access to a home router and modem.
? A dedicated home office space that is noise- and distraction-free. The space should have strong wireless connection or a wired Ethernet connection (wired connection is preferred, if possible).
? A valid, physical address (apartment, suite, etc.). PO Boxes are not supported, as a physical address is required for you to receive your computer equipment.
? The desire and ability to work and communicate with other team members via chat, webcam, etc.
? Legal residents of one of the following states: (AK, AL, AR, AZ, CT, DE, FL, GA, IA, ID, IN, KS, KY, LA, MD, ME, MI, MN, MO, MS, NC, ND, NH, NM, NV, OH, OK, PA, SC, SD, TN, TX, UT, VA, VT, WI, WV, and WY). H-1B Visa Sponsorship Not Available, W2 only.