- Director of Identity Management
- Go to our website »
Director of Identity Management
Required Qualifications: (as evidenced by an attached resume)
Bachelor's degree.
Leadership/Management experience in building and leading high-performing teams.
Previous experience determining and formulating cybersecurity policies and procedures.
Experience collaborating, establishing credibility and building relationships with senior leadership and external stakeholders.
Experience with enterprise identity management platforms and best practices.
Experience in key identity management and access concepts and principles such as least privilege, privileged access, segregation of duties, role-based access control (RBAC), authentication, authorization, and user lifecycle workflows.
Experience with managing IAM technologies and infrastructure, such as single sign-on (SSO), directory federation, SAML, OAuth, multi-factor authentication, user provisioning and self-service, account creation and management; entitlement review certification and management; enterprise directory architecture and design, and onboarding applications.
Preferred Degree/Qualifications:
Advanced Degree.
An active cyber security or other relevant certification, such as CISSP, CISM, or IDM-specific.
Experience with additional cyber security functions other than identity management.
Experience with procurement of complex technical solutions and services.
Experience with current developments and trends in access provisioning across Active Directory, on-premise and SaaS/Cloud, ERP systems, and other provisioning targets.
Experience leading cross-functional business and technical teams in large and complex environments.
Experience developing identity governance documentation such as policies, procedures, standards, and guidelines, role creation and management, SOD (Separation of Duties), and Access Reviews.
Experience automating manual access management processes across various technologies.
Experience overseeing a budget.
Brief Description/Primary Purpose:
Reporting to the Assistant Vice President and Chief Information Security Office, the Director of Identity Management has the authority to determine and formulate policies and procedures, and participates in the decision making process that results in policy proposals and final decisions on implementation. The Director of Identity and Access Management will establish and lead the development of a robust identity management program and team tailored to the university's complex operating environment and comprehensive healthcare system. This role aims to enhance cybersecurity, ensure regulatory compliance, optimize resource access, and fortify the institution's reputation by identifying and implementing cutting-edge identity and access management practices and technology. The Director will safeguard sensitive data, enable efficient user access, and demonstrate the university's data protection and security commitment. Additionally, the Director works collaboratively with stakeholders and establishes identity management governance. The Director's primary purpose is to create a secure and streamlined environment supporting Stony Brook University's academic, research, and healthcare mission while adhering to the highest security and compliance standards. The successful incumbent will communicate effectively and have expertise in information services for managing user access across a federated environment and with various external entities. The incumbent will oversee identity management within a complex University and Medical Center and will need to be familiar with regulations and frameworks such as HIPAA, FERPA, NIST, GDPR, etc.
Duties:
Strategic Identity Management Program Leadership: Develop a comprehensive identity management strategy aligned with the university medical center's goals and objectives. Collaborate with stakeholders to define identity lifecycle processes, access policies, and standards. Lead cross-functional teams to create, implement, and maintain identity management policies, processes and procedures to mitigate risk and ensure security. Participate in strategic planning and development of annual goals and objectives for the Identity Management, with special attention to providing leadership for those related to the areas within this position's portfolio. Monitor industry trends and emerging technologies to ensure the program remains innovative and effective.
Stakeholder Collaboration: Partner with university departments and units to understand their access needs and requirements. Foster relationships with key stakeholders to promote understanding and buy-in for the identity management program and their ongoing engagement. Collaborate with legal and compliance teams to ensure IAM practices align with relevant regulations and standards.
Technology Implementation: Lead the evaluation, selection, and implementation of identity governance and access management technologies, policies, solutions, and implementation partners. Integrate authoritative sources (HR systems, Student Information, etc.) and core applications such as Active Directory throughout the enterprise. Ensure selected technology will introduce automation of baseline identity functions such as joiner, mover, and leaver functionality. Establish an access request portal leveraging existing ITSM platforms for the first round of integrated applications. Establish access recertification campaigns for sensitive access. Lead on associated procurement efforts. Oversee the integration of IAM tools with existing systems, applications, and databases. Work closely with IT teams to ensure proper configuration, maintenance, and troubleshooting of IAM systems. Collect security, scalability, and usability requirements and ensures they are met.
Other duties or projects as assigned as appropriate to rank and departmental mission.
Special Notes:
This is a full-time appointment. FLSA Exempt position, not eligible for the overtime provisions of the FLSA. Minimum salary threshold must be met to maintain FLSA exemption.
Resume/CV and cover letter should be included with the online application.
Due to U.S. Export Control laws and regulations, the candidate hired will need to be a U.S. citizen, lawful permanent resident, or other "protected individual" (as defined by 8 U.S.C. Sec. 1324b(a)(3).
This position will remain posted until filled or for a maximum of 30 days. An initial review of all applicants will occur two weeks from the posting date. For full consideration, applications must be received before the initial review date. If within the initial review no candidate was selected to fill the position posted, additional applications will be considered for the posted position; however, the posting will close once a finalist is identified, and at minimal, two weeks after the initial posting date.
Stony Brook University is committed to excellence in diversity and the creation of an inclusive learning, and working environment. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, familial status, sexual orientation, gender identity or expression, age, disability, genetic information, veteran status and all other protected classes under federal or state laws.
If you need a disability-related accommodation, please call the university Office of Equity and Access (OEA) at or visit OEA.
In accordance with the Title II Crime Awareness and Security Act a copy of our crime statistics can be viewed here.
Visit our WHY WORK HERE page to learn about the total rewards we
Salary: $150,000-$200,000
To apply, visit https://stonybrooku.taleo.net/careersection/2/jobdetail.ftl?job=2304715&tz=GMT%2B00%3A00&tzname=UTC
jeid-d42742500cf1b8459223003766514345
