Senior Identity and Access Management Security Analyst

at  Beazley Management Limited

General:
Senior Identity and Access Management Security Analyst
An exciting opportunity for US based candidates to join our dynamic and innovative Security team to support the implementation of our Identity and Access Management delivery by gathering requirements, advising best practices, documenting processes and supporting our capability. Partner deeply with security other other key counterparts to implement identity and access management best practices to secure our company.

Key Responsibilities:

• Provide clear guidance and requirements in developing and executing on enterprise identity solutions
• Steward excellent security practices as it relates to securing Beazley against Identity related threats by working with architects and security counterparts and internal and external stakeholders across the organisation
• Establish standards, driving designs and implementation of appropriate identity and access management processes and controls which help improve operations and lower risk
• Guide business internal teams through best practice and highlight and remediate any areas of concern. Act as the conduit between the business and technical teams on all IAM issues
• Own, write and review requirements with relevant stakeholders; negotiate detailed requirements and solution design and manage any exception processes
• Define and implement business processes, dashboards, use cases and documentation to ensure a secure, robust and resilient program
• Create and maintain technical documentation in relation to IAM for the team to reference and share with stakeholders
• Provide clear requirements, setting expectations, and understanding our technology capabilities
• Work closely with colleagues across the business to promote and strong Information Security culture and ensure compliance with Information Security policies and procedures
• Proactive identification of security concerns and address escalated or high-risk issues
• Support the response to security incidents and vulnerabilities
• Support the development and maintenance of the Information Security policy framework in-line with risk appetite, legislation and industry best practices
• Develop and maintain cyber policies and standards aligned with recognised frameworks such as NIST, FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, Data Security Foundations, etc.
• Maintain an awareness of the existing and emerging threat landscape
• Deliver BAU activities as directed
• Ensure security policies are up to date and used appropriately and effectively across the business, creating training for business areas as required
• Ensure data risks and threats facing Beazley are understood and articulated to the CISO and wider security team to ensure the timely configurating of existing technologies to get ahead of known and perceived data security
• Facilitate the creation of enterprise IT solutions considering crucial aspects such as APIs, security, scalability, manageability, and usability, resulting in comprehensive and effective solutions
• Serve as an SME the user’s perspective. Help develop functional requirements, processes, and automation
• Produce concise and accurate reports, KRI’s/KPI’s and executive summaries of Information Security topics and techniques
• Feed threat knowledge into the IAM and PAM requirements
• Proactive identification of security concerns and address escalated or high-risk vulnerabilities
• Participate and contribute to the various Beazley Committees

Skills and Knowledge Specification:

Skills and Abilities:

• Knowledge of general industry IAM concepts and best practices
• Knowledge of security and compliance frameworks such as NIST/FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, Data Security Foundations, etc.
• Experience managing numerous, competing demands from internal and external stakeholders while maintaining excellent and on time delivery
• Excellent written and oral communications skills. The ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff and management
• The ability to prioritise work and deliver results in a pressurised environment, through tactical and strategic planning
• The ability to manage significant stakeholder contact, providing expert advice which demonstrates judgement and an understanding of the business
• A demonstrated ability to develop strong relationships across businesses
• Confident and assured at interacting and communicating effectively with a range of stakeholders
• Self-motivation, with an ability to work with high degree of autonomy and to be results-driven with a flexible approach to working
• An understanding of the various data regulations and requirements that Beazley is subject to, in the UK, the US and around the world
• Strong understanding of IT security principles, standards, and best practices particularly relating to Identity & Access Management and Privileged Access Management
• Strong problem-solving skills to troubleshoot, be able to understand technically assigned tasks and follow documented procedures
• Ability to function under pressure in an independent environment demonstrating high-energy, detail-oriented proactiveness

Knowledge and Experience:

• At least five years’ work experience within the Identity and Access Management area
• Experience in technical, business, and/or IT roles with focus on Identity and Access Management
• Proven track record of developing and executing on enterprise identity solutions
• Knowledge of general industry IAM concepts and best practices
• Knowledge of security and compliance frameworks such as NIST/FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, Data Security Foundations, etc.
• Experience of working and managing vendor IAM tools and PAM tools such as SailPoint IdentityIQ, CyberArk, CA PAM, Imprivata, Azure MFA etc
• Exceptional interpersonal skills and the ability to communicate effectively with both technical and non-technical audiences, verbally and in writing
• Experience managing numerous, competing demands from internal and external stakeholders while maintaining excellent and on time deliver
• Exhibit strong leadership and influencing skills in a complex, matrix environment and demonstrates the ability to broker agreements among diverse, differing, or completing priorities and perspectives
• Establish IAM programme KPIs and reporting
• Document IAM processes and procedures
• Engage in the planning, designing, development, and testing of systems or applications, both for software enhancements and new products, which may include cloud-based or internet-related tools.
• Identify opportunities to minimise technology expenses and complexity, seeking ways to optimise resources
• Confidence working within agile methodologies
• Ability to handle sensitive situations with discretion and employ high ethical standards.
• Advanced understanding of sensitive data types, their handling requirements and how to respond to their exposure

Aptitude and Disposition:

• Outcome focussed, self-motivated, flexible and enthusiastic
• Professional approach to successfully interact with managers/colleagues/external suppliers

Competencies:

• Technical expertise
• Conceptual thinking and problem solving
• Collaboration and coaching
• Planning and managing resources effectively
• Delivery orientation, initiative and drive
• Purposeful communication and capacity to influence others.
• Team player
• Customer and business focused.

General:
Who We Are:
Beazley is a specialist insurance company with over 30 years’ experience helping people, communities and businesses to manage risk all around the world. Our mission is to provide Beautifully Designed Insurance, innovating to give our clients the maximum benefit with minimum hassle.
Our products are wide ranging, from cyber & tech insurance to marine, healthcare, financial institutions and contingency, covering risks such as the weather, film production or protection from deadly weapons.
Our Culture:
We employ over 2,500 people globally, hosting a wonderful diversity of cultures, experiences and backgrounds. We are proud of our unique culture at Beazley that empowers our staff to work from when and where they want, in an adult environment that’s low on policies & politics but big on collaboration, diversity & personal accountability.
Our three core values inspire the way we work and how we treat our customers and people – 1) Be bold 2) Strive for better 3) Do the right thing. Upholding these values every day enables us to become an innovative and responsive organisation, in touch with the changing world and marketplace around us. We have set ambitious diversity & sustainability targets as we strive to better our business and the insurance industry as whole

• Provide clear guidance and requirements in developing and executing on enterprise identity solutions
• Steward excellent security practices as it relates to securing Beazley against Identity related threats by working with architects and security counterparts and internal and external stakeholders across the organisation
• Establish standards, driving designs and implementation of appropriate identity and access management processes and controls which help improve operations and lower risk
• Guide business internal teams through best practice and highlight and remediate any areas of concern. Act as the conduit between the business and technical teams on all IAM issues
• Own, write and review requirements with relevant stakeholders; negotiate detailed requirements and solution design and manage any exception processes
• Define and implement business processes, dashboards, use cases and documentation to ensure a secure, robust and resilient program
• Create and maintain technical documentation in relation to IAM for the team to reference and share with stakeholders
• Provide clear requirements, setting expectations, and understanding our technology capabilities
• Work closely with colleagues across the business to promote and strong Information Security culture and ensure compliance with Information Security policies and procedures
• Proactive identification of security concerns and address escalated or high-risk issues
• Support the response to security incidents and vulnerabilities
• Support the development and maintenance of the Information Security policy framework in-line with risk appetite, legislation and industry best practices
• Develop and maintain cyber policies and standards aligned with recognised frameworks such as NIST, FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, Data Security Foundations, etc.
• Maintain an awareness of the existing and emerging threat landscape
• Deliver BAU activities as directed
• Ensure security policies are up to date and used appropriately and effectively across the business, creating training for business areas as required
• Ensure data risks and threats facing Beazley are understood and articulated to the CISO and wider security team to ensure the timely configurating of existing technologies to get ahead of known and perceived data security
• Facilitate the creation of enterprise IT solutions considering crucial aspects such as APIs, security, scalability, manageability, and usability, resulting in comprehensive and effective solutions
• Serve as an SME the user’s perspective. Help develop functional requirements, processes, and automation
• Produce concise and accurate reports, KRI’s/KPI’s and executive summaries of Information Security topics and techniques
• Feed threat knowledge into the IAM and PAM requirements
• Proactive identification of security concerns and address escalated or high-risk vulnerabilities
• Participate and contribute to the various Beazley Committee