Moody's IT Risk is looking for a Sr. Vice President of Access Management to join its growing organization. This is a challenging position requiring a strong background in Information Security practice, deep knowledge of Information Security standards, best practices, technologies and processes, as well as solid communication and organization skills. The candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability work independently and with minimal oversight.
The SVP - Access Management will assume leadership of the teams responsible for executing projects and day to day tasks associated with Access Management. This includes provisioning, de-provisioning and entitlement review across all technology layers, as well as the strategy and evolution of Access Management processes and technologies. The successful candidate will have a strong background in the areas of Identity and Access Management, security access automation technologies, business process and service desk ticketing systems, security best practices standards (ISO, NIST, COBIT), and audit and regulatory frameworks such as SOX. Strong documentation skills are also crucial to successful process and project delivery.
* Demonstrate ownership of the Access Control area and its associated programs, including Identity and Access Management. * Source, hire and lead the global team responsible for security provisioning and entitlement review/recertification, access-related SOX reporting and control execution, and audit support. * Lead the Access Management team driving productivity, performance, adherence to process, and alignment with department and company goals * Create, maintain and align Moody's Information Security policies and standards with industry best practices and business needs * Own Information Security decisions and project deliverables associated with Access Control and Identity and Access Management. Ensure solutions adhere to Information Security policies and standards and that Information Security is appropriately embedded in relevant workflows. * Manage the successful delivery of Information Security projects and services for our customers by working directly with key business stakeholders, Moody's IT (MIT) executives and project teams. * Create and deliver meaningful presentations and reports on project goals and status, tailored to multiple audience types, including senior leadership. * Drive implementation of new security technology platforms by providing thought leadership on design, vendor selection and deployment. * Manage project and operational budgets; providing clear estimates and accurate forecasts. * Act as the lead sponsor for Information Security and Risk projects, working with project teams comprised of Subject Matter Experts and Project Managers, and providing the direction, guidance, planning, expertise, communication and escalation necessary to guarantee the project's timely and satisfactory completion. * Act as a backup to other senior department leaders as needed
* Minimum 12 years of experience in progressively more senior Information Security roles. * Minimum 10 years of experience in progressively more senior Information Security roles. At least 8 years of supervisory experience, ideally in managing a global team. * Strong writing and communication skills. Ability to create and maintain accurate and detailed guidelines and procedures. * Demonstrated expertise in his/her skill area. Member of industry groups and forums, and able to create and give presentations on the subject. * Hands-on experience with identity solutions such as SailPoint, Oracle Identity Management, Aveksa, Hitachi ID, CA and auditing tools such as Varonis or Protegrity. * Familiarity with Help Desk ticketing tools such as ServiceNow. * Ability to interact directly with customers that do not have an IT background including key business stakeholders and clients. * BS or BA degree, preferably in technology/business or equivalent. * Relevant certifications such as CISSP, CISM, ITIL or PMP are a plus. * 5+ years experience in a $1BN+ publicly traded multinational company.
* Thinking with a security mindset. The successful candidate has a strong IT background with in depth knowledge of several key security practice areas: identity and access management; application security; audit and regulatory; security operations. * Ability to maintain a high performing, motivated team, and adapt direction to accommodate changes in priorities. * Process driven approach to managing security controls and customer touch points * Knowledge of and experience with current and emerging access management technologies including IAM tools (SailPoint) and File Share Access Auditing (Varonis). * Strong knowledge of Access Management business processes/workflows, and associated tools (ServiceNow). * Off shore vendor management. * Strong knowledge of regulatory standards that govern Information Security practices such as SOX, PCI, and state and federal privacy laws. * Strong knowledge of best practice standards that govern Information Security such as ISO, NIST and SANS. * Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background. * Strong presentation skills involving large and of varying IT background audiences * Proven ability to work within a large enterprise that spans multiple continents, is governed by change management and has a tiered support model. * Proven ability to lead projects and initiatives within schedule and budget
Associated topics: c, chief information officer, chief technology officer, css, database architecture, java, operating system, oracle, software development, software manager
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.