Principal Domain Architect - Identity and Access Security | Grade 10
Kraków, Małopolskie, Poland, 30-059
Key features of the offer
Hybrid model - partly remote
15+ years of experience
Architect role
Description
At ABB, we help businesses operate more efficiently and more cleanly, and every person in our company contributes to that. You will have the opportunity to lead, receive support in your development, and feel proud of the impact we make together. Join us and help run what runs the world.
This position reports to: IS Manager
In this role, you will have the opportunity to act as the architectural authority for your technology area of responsibility. Each day, you will guide and lead Solution Architects to ensure the integrity of the technology architecture. You will also showcase your expertise by realizing the benefits from standardization, synergy, and optimization of the technology landscape across business and domains.
The work model for the role is: #LI_hybrid
This role contributes to the Security Risk and Compliance organization globally. The main stakeholders are Security teams and Information Systems teams across global services and business areas.
You will be mainly accountable for:
Defining and maintaining the global IAM architecture vision and roadmap, aligned with enterprise security strategy, regulatory requirements, and business needs.
Establishing standards, patterns, and reference architectures for identity lifecycle management, authentication, authorization, and access governance across all environments.
Architecting and maintaining the full IAM capability landscape - Identity Governance & Administration (IGA), Privileged Access Management (PAM), Access Management (AM), Customer IAM (CIAM), master data and identity data management, secrets management, machine identity management, and emerging IAM domains.
Driving Zero Trust Identity principles, implementing strong authentication, adaptive access, and continuous verification to minimize identity-related risks.
Architecting role-based, attribute-based, and policy-based access control (RBAC, ABAC, PBAC) models to ensure least privilege access for users, devices, and services.
Integrating IAM capabilities into cloud, on-premises, and hybrid platforms, including SaaS, IaaS, PaaS, and containerized workloads, ensuring consistent policy enforcement.
Designing secure integration between IAM platforms and business applications, covering SSO, federation, just-in-time provisioning, and privileged access management.
Architecting IAM observability: access monitoring, anomaly detection, behavioral analytics, and automated response to suspicious identity activities.
Partnering with HR, application, infrastructure, and security teams to embed IAM controls into joiner-mover-leaver processes and change workflows without disrupting operations.
Driving secure credential, secrets, and key management strategies, including passwordless authentication and integration with hardware-based security modules where appropriate.
Embedding IAM resilience principles – high availability, failover, disaster recovery, and service continuity – into architecture patterns.
Providing architectural guidance during identity-related security incidents, ensuring lessons learned are integrated into preventive and detective IAM controls.
Ensuring rationalization of IAM tools and platforms, consolidating overlapping capabilities across identity providers, MFA solutions, PAM systems, and access governance tools to reduce complexity and cost.
Staying ahead of emerging IAM threats such as MFA bypass, deepfake-enabled impersonation, credential stuffing, and supply chain compromises in identity services.
Leading and mentoring a globally distributed team of IAM architects and engineers, building capability and ensuring architecture adoption.
Acting as a trusted advisor to leadership, translating identity risk and architecture priorities into business impact.
Qualifications for the role:
Proven expertise in enterprise security architecture, with hands-on experience in architecture tools and technology roadmapping.
15+ years of experience in security architecture and a significant portion of it in Identity Security, including Zero Trust implementation.
Cloud Expertise: Deep knowledge of public cloud security principles (identity management, network isolation, and encryption) regardless of the specific provider.
Process Driven: Experience mapping technical security controls to global standards like ISO 27002 and NIST 800-53.
Hands-on Capability: You are comfortable moving from a high-level architectural drawing to a technical prototype to prove a concept works.
Architecture certifications like CISSP, SABSA and TOGAF are preferred.
Hands-on experience in architectural modeling using structured languages such as ArchiMate and UML.
Strong global experience, especially in collaborating with distributed teams on security topics.
Deep understanding of security architecture design models and frameworks.
Bachelor's degree in Computer Science or related field (preferred).
Excellent communication and presentation skills, possessing confidence when engaging senior stakeholders.
To build a cleaner, smarter future, different minds are needed: curious, courageous, and creative. That is why we welcome people from every background and with different experiences. Want to make an impact? Apply today or visit https://www.abb.com to learn more about the impact of our solutions around the world.
Full-time
Contract
Employment contract
Level
Grade 10
Requirements
Identity Governance & Administration
Privileged Access Management
Access Management
Customer IAM
Zero Trust Identity
Authentication
Authorization
Access Governance
Cloud Security
Identity Data Management
Behavioral Analytics
Identity Risk Management
ISO 27002
NIST 800-53
ArchiMate
UML
Remote work
No
Education
A bachelor's degree in Computer Science or a related field is preferred.
Responsibilities
Define and maintain the global IAM architecture vision and roadmap.
Establish standards and reference architectures for identity lifecycle management.
Architect and maintain the full IAM capability landscape including IGA and PAM.
Drive Zero Trust Identity principles and implement strong authentication methods.
Integrate IAM capabilities into cloud and hybrid platforms ensuring policy enforcement.