Gallagher is a global leader in insurance, risk management and consulting services. We help businesses grow, communities thrive and people prosper. We live a culture defined by The Gallagher Way , our set of shared values and guiding tenets. A culture driven by our people, over 30,000 strong, serving our clients with customized solutions that will protect them and fuel their futures. Position Summary : IAM Architect will serve as a key technical resource in our Global Cyber and Information Security (GCIS) organization. Responsible for defining An identity and access management methodology and standard that is aligned to the most current, emerging, secure and verified identity access practices and tooling. Ensuring recommendations enable the required level of protection for all internal and external users providing a zero trust methodology enabled through a globally consistent experience. Work closely with other Information Security colleagues, IT & Infrastructure organization and Business teams globally to provide guidance for viable identity management solutions and adoptable standards. Key Responsibilities :
Define and create Identity Access Management architectural standards, models, design patterns and technical specification documents.
Assess, monitor and recommend improvements to global identity solutions to ensure and improve upon state of the art secure identity access and user identity repository protocols, tighten access management controls and balance costs associated with enabling secure customer and internal identity access.
Work closely with the security engineering team and assist in securely configuring patterns to enable zero trust and consistent verification across the global AJG domain product landscape.
Oversee and consult with project teams in business units to ensure adherence to security design patterns, protocols, best practices, authorizations and SLAs for identity and access procedures.
Designs and collaborates on solutions that balance business requirements with identity management security requirements ensuring the business process aligns to the recommended security services.
Proactively identifies technical and architectural risks of identity management services or solutions maintaining or managing users, commenting and/or providing safer identity management alternatives and presenting them for approval.
Participate in security technology evaluations, proof of concept testing and provide in-depth identity management analysis of the proposed solution including enhanced recommendations for PAM services.
Collaborate and partner with various key stakeholders across the enterprise to ensure alignment with the overall intended identity access management controls and design.
Partner with architects and engineers within infrastructure, network, application and business teams to ensure that identity solutions (custom or SaaS, internal or customer) are developed and managed as per GCIS policies and standards.
Assist security compliance partners with risk mitigation and governance activities associated to identity and access management.
Primary role is to support building identity access management architectural/solution designs and standard services supporting SaaS and custom applications.
Periodically provide security architecture reviews of identity access patterns and configurations of proposed identity access management solutions.
Participate on an IAM governance board providing reviews and recommendations for future state IAM and CIAM services and standards.
Bachelor's degree in Computer Science or related field
Minimum 3+ years of cybersecurity experience
Minimum 1+ years of experience reviewing detailed solution architectures utilizing identity access management solutions and providing feedback to the application and infrastructure teams
Experience with reviewing identity access management services, methodologies and patterns for custom and SaaS solutions
1+ years of experience working with at least one IAM standard toolset (PING, ForgeRock, OKTA)
Strong knowledge of complex identity and access offerings involving MFA, biometrics, workflows, custom services and processes for user support on prem and in the cloud
Hands on experience working with IAM licenses and ability to negotiate with identity service providers to procure the most cost effective support for AJG
Demonstrated working experience in a regulated and globally distributed environment with various identity security risk accessibility points (on prem, laptop, mobile)
Knowledge and experience in enterprise architecture frameworks such as; TOGAF.
Knowledge and experience implementing security standards frameworks (NIST - CSF, ISO 27001, CSA CCM, PCI-DSS, GDPR)
At least one certification related to information security such as; CISSP, CCSP, AWS Solutions Architect, Azure Security.
Demonstrated knowledge of identity and access management security monitoring tools and testing procedures supporting internal and external access.
Insurance and risk management domain knowledge desirable.
Key Characteristics :
Strong communications skills - oral and written.
Self-starter with strong work ethic.
Flexible and resilient, handle various demands planned and unplanned.
Proven ability to handle multiple tasks and projects simultaneously.
Problem solver and desire to close issues, pragmatic and realistic with solutions.
U.S. Eligibility Requirements:
Interested candidates must submit an application and resume/CV online to be considered
Are you 18 years of age or older or can you demonstrate legal capacity to enter a contract?
Must be willing to submit to a background investigation; any offer of employment is conditioned upon the successful completion of a background investigation
Must have unrestricted work authorization to work in the United States. For U.S. employment opportunities, Gallagher hires U.S. citizens, permanent residents, asylees, refugees, and temporary residents. Temporary residence does not include those with non-immigrant work authorization (F, J, H or L visas), such as students in practical training status. Exceptions to these requirements will be determined based on shortage of qualified candidates with a particular skill. Gallagher will require proof of work authorization
Must be willing to execute Gallagher's Employee Agreement or Confidentiality and Non-Disclosure Agreement, which require, among other things, post-employment obligations relating to non-solicitation, confidentiality and non-disclosure
Gallagher offers competitive salaries and benefits, including: medical/dental/vision plans, life and accident insurance, 401(K), employee stock purchase plan, educational expense reimbursement, employee assistance program, flexible work hours (availability varies by office and job function) training programs, matching gift program, and more.
Gallagher believes that all persons are entitled to equal employment opportunity and does not discriminate against nor favor any applicant because of race, sex, color, disability, national origin, religion, creed, age, marital status, citizenship, veteran status, gender, gender identity / expression, actual or perceived sexual orientation, or any other protected characteristic. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified applicant with a disability, unless the accommodation would impose an undue hardship on the operation of our business.