In order to further Danske Bank’s ambition to be amongst the safest and most secure banks in the world, we are seeking a skilled Identity and Access Management (IAM) architect to lead our IAM capability.
We are looking for candidates who understand the complexity of IAM infrastructure and processes in an environment with significant legacy but which is maturing rapidly. Ideally, candidates should have a broad understanding of information and cyber security and how they fit into a bank’s operational risk framework.
In this role, you will report up to the Chief Information Security Officer (CISO). While you will not own most identity and access management infrastructure, you will be responsible for working across the group IT organization to define and implement an appropriate approach for topics ranging from multi-factor authentication to privileged access management and single sign-on. You will, however, own the teams responsible for IAM administration, IAM architecture, and cryptographic key infrastructure. Most importantly, you will play a core role in defining and delivering our long-term strategic security roadmap.
You will join Group IT Security and Risk (GISR), which is the organization reporting to the CISO. The team currently has staff based in Ejby (near Copenhagen), Brabrand (Aarhus), Vilnius, Tallinn, and dotted-line staff in Bangalore. The team has grown very rapidly in recent years and has excellent energy and motivation. Due to the high degree of international staff working in Group IT, the language of business is exclusively English, though you will be welcome to speak Danish (or learn it!) with many of your colleagues if you desire.
• Assemble an IAM vision and delivery path as part of the overall security roadmap
• Drive the design and implementation of new IAM services
• Ensure delivery of the operational (business as usual - BaU) IAM administration tasks by your team
• Structure and manage your team (approximately 15 staff at present) according to strategic targets, including KPIs, career development and financials
• Contribute to the bank’s social responsibility agenda by helping to enhance the overall security of the Nordic market, e.g. through cross-sector projects, guest lectures and awareness initiatives
• Engage the team and key stakeholders, both technical and business, in discussion around the future of IAM at Danske Bank, successfully influencing to sell your vision to the organization
• Translate agreed objectives into priorities for the team. Guide and coach team members into delivering accordingly, with frequent reviews resulting in proactive corrective action where necessary
• A core delivery of this role will be an ambitious yet feasible (barely!) multi-year IAM roadmap that has buy-in from all key stakeholders
• A long-term success criteria will be to build a fully functional organization that can stand on its own should you move into another role; milestones will be defined to assess the resiliency of your organization
• Other success criteria include the timely delivery by your team of various BaU tasks including access request provisioning / de-provisioning, delivery of service according to agreed SLAs and audit support / closure related to the IAM space
• Of course, financial criteria will come into play; increasing efficiency or speed of service delivery may also be measured
Who are you?
• You must have 10+ years’ experience within the IAM field
• You must have demonstrable experience in architecting and delivering IAM solutions, both from a technical (infrastructure) perspective as well as from a process (e.g. joiners-movers-leavers) perspective
• You should have 5+ years’ experience in a management role within security
• You should have familiarity with Active Directory and Mainframe RACF; knowledge of access provisioning in areas such as LDAP, Unix, various databases and other applications would be welcome
On a more personal level, we are looking for someone who can see themselves in the following:
• You should have high comfort level engaging with auditors and regulators in your domain, backed by demonstrable experience
• You must be a first mover: someone who can proactively transform the IAM function rather than someone who reacts to new demand
• You must be trustworthy and charismatic, while also being a subject matter expert
• You must be an open-minded, energetic and versatile person, able to step into a tight-knit team
• You must be delivery-oriented
If you have any questions about the position, you are welcome to reach out to Lance McGrath, Chief Information Security Officer, at MCG@danskebank.dk.
Send application and CV no later than 05.03.2019.