Director, Identity Access Management

Comcast - Moorestown, NJ

Summary
Comcast Information and Infrastructure Security is the core CyberSecurity team at Comcast. IIS is composed of a team of transformative security professionals expanding in multiple directions, across borders and, most of all, in the way we think. Here, innovation isn't simply about defending our network and systems, it's about transforming the cybersecurity efforts across our company. Ready to make a difference? Come join our Team!

Broadly regarded as innovators and thought leaders, our executive team has served in key industry security roles, on the boards of national and community-based organizations, and in a number of Federal and Legislative initiatives. We have spent decades investing in the technology and information security capabilities that help us protect and defend our company; we have developed solutions that are practical today and scalable for tomorrow; and we have created collaborative teams dedicated to innovation across each of our businesses to share our best thinking.

The Director of Identity Access Management and Authentication leads the company's enterprise IDM and Authentication Engineering team, which includes technical security engineering and security technology integration across many platforms. IIS is responsible under the guidance of the CISO and team comprehensive information and cyber security across both the Enterprise and our Xfinity branded technology platforms. Responsibilities include clear communication of Engineering strategy, management and mentoring of senior enterprise security engineers, deep knowledge of IDM and Access Management platforms and technologies and excellent business acumen.

This open, collaborative and communicative leader will reside within Comcast's CyberSecurity Engineering and Operations organization. In this role, you will be responsible for providing active and engaged leadership with business, Cybersecurity and IT teams relative to Identity and Access Management, as well security consulting expertise in support of strategic company initiatives. This leader will collaborate with Security teams, Corporate IT, Operations and application services and business partners to develop, document, implement, and monitor integrated, holistic and consistent IDM and Access architectures. This leader is a bridge builder and takes time to understand the culture of the company and our client's requirements to execute flawlessly in building and governing sprawling enterprise security architectures.

 

Core Responsibilities

• Provide expertise and understanding of the Corporate Identity Management landscape working with leadership to mold, shape and expand the IDM service footprint.
• Define, design, build, testing, and rollout of the enterprise IDM and Access Management solutions in collaboration with internal and external resources.
• Serve as a trusted adviser to the business stakeholders and understand their core business processes, business priorities which can be enhanced using IDM solutions.
• Provide technical Engineering and vision for customers' application platforms
• Ability to support negotiations on scope of work as well as manage work with outside vendors / integrators. This includes SOW, MSA, NDA's, along with full financial tracking and defining business benefits.
• Contribute and review IDM and Access Management solution design: ensure innovation, security, and business requirements are met, while also keeping a keen eye on improving the associate's experience with technology
• Partner with other internal or supplier teams as needed (e.g. architecture, information security, network)
• Collaborate cross-functionally with other technology teams and security policy organization.
• Define an enterprise IDM Engineering strategy, with a roadmap of key deliverables and timelines, and deliver consistently.
• Mentor other members of the team on IDM best practices
• Maintain up-to-date knowledge by researching new technologies and software products, participating in educational opportunities and conferences, and reading professional publications
• Foundational knowledge of Identity Management technologies such asSailPoint, PingID, CA Minder Suite
• Experience with roadmap ownership, use case creation, strategy development, KPI development, and customer relationship management
• Significant experience working with large tier security vendors leading RFI/RFP's and contributing to industry standards and working groups
• A true technical director that inspires creativity and technical leadership from his/her team. A leader focused on the execute component that is agile and understands how to map the business needs to

 

Primary Responsibilities:

• Participating in the definition and leading technical programs that support the IIS security strategy and architecture for security services, mechanisms and safeguards for a broad reaching information security program
• Working in active partnership with stakeholders (Office of the Global CISO, IIS Security Strategy and Architecture teams, IIS Policy and Compliance Organizations, Network Engineering Organization, and the Business| parallel technical teams) to understand often unique business requirements and develop supporting security domain expertise and technical objectives that will enable the growth and evolution of Comcast's CybrSecurity Identigy Management program
• Ensuring that operational and incident trends and observations are considered with regard to the evolution of the company's enterprise security architecture capabilities
• Communicating and working through conceptual design (CCD-HLD) and (SLD) system level design to design in compensating controls, increase visibility/telemetry and IR capabilities.
• Designing and evaluating platforms and structure for integrating diverse security toolsets and technologies.
• Providing consulting function to IIS leaders in addressing their IDM and Access Management posture
• Promoting a consistent risk vocabulary for application risk and controls and aligning that vocabulary with related compliance and business risk disciplines within the organization
• Developing metrics that demonstrate current technology implementation roadmaps, indicators of progress, and alignment across IIS teams for those activities
• Supporting other senior leaders in Information Risk Management in leveraging those metrics as part of the overarching risk and operational dashboard
• Formally and informally responding to customer and regulatory requests with regard to application security services, mechanisms and safeguards (this includes regular communications with regulatory, privacy and legal stakeholders and active participation in both internal and external audit activities)
• Significant experience working with large tier security vendors leading RFI/RFP's and contributing to industry standards and working groups
• A true technical director that inspires creativity and technical leadership from his/her team. A leader focused on the execute component that is agile and understands how to map the business needs to viable technology solutions. An extremely technical leader and SME Identity Management Technologies and their implementation in large scale environments.
• Working under extreme pressure and tight deadlines in a calm and collaborative fashion leading from the front

Required Qualifications:

• 5+ years of experience leading IDM Engineering teams and building Access Management Platforms and Solutions
• 10+ years of leadership and mentoring experience in hands-on and rolling up your sleeves management
• 10+ years of experience managing and providing technical leadership for complex enterprise security projects/programs for a large enterprise organization
• 10+ years of experience with Identity Management technologies and implementations
• Specific experience managing projects / programs from concept through implementation (supporting oversight processes) using a structured project management methodology across the entire project life cycle (not a project manager)

Education Level: Bachelor's Degree or Masters Preferred
Field of Study:System Engineering, System Development, Cyber Security, Computer Science, Identity Management, Access Management or related field
Certifications: Industry-specific certifications, including two or more of the following (preferred): C|CISO, CISSP, CISA, CISM, ISSACA.
Years' Experience:Generally requires 10+ years related experience. Five or more years in a carrier class Internet Service Provider, preferred.

---

Posted: 30+ days ago

Apply Now