Security Transformation, Supervisor

RSM Security, Privacy and Risk Supervisor - Identity and Access Management (IAM)

In order to address the most critical needs of our clients, RSM US LLP has established the Security and Privacy Services group, comprised of more than 150 professionals dedicated exclusively to serving the cyber security needs of our clients. This group includes experienced consultants located throughout the country dedicated to helping clients with preventing, detecting, and responding to security threats that may affect their critical systems and data. We serve a diverse client base within a variety of industries, and we are relied upon to provide expertise within areas of security testing, architecture, governance, compliance, and digital forensics and security transformation.

We are seeking individuals with both broad and deep IAM experience and skills to join our IAM Services team and deliver IAM implementation services to our clients in a variety of industries and geographic locations. Successful candidates will have solid working knowledge of IAM leading practices, common business use cases, leading vendor products & solutions, federated and composite IAM architectures, IAM technology trends and innovation and experience leveraging this knowledge to benefit clients.

At RSM, Supervisors work with large and small companies in various industries. They develop strong working relationships with clients built on understanding their businesses and challenges. Supervsiors work on multiple team engagements each year, including several pieces of any particular assignment-not just one part. Working in a mutually respectful team environment helps our associates perform at their best and integrate their career with their personal life. You will have the 5-6 years of experience in the following:

Knowledge of, implementation experience or certification in SailPoint IIQ, IdentityNow, Okta, Forgerock, Ping, OneLogin, Azure (AD) or AD
IAM federated architecture design and implementation experience (SSO/MFA, IAG/HRIS, AD/LDAP integration)
Knowledge of key IAM concepts and protocols (AuthN, AuthZ, LDAP/SAML/Kerberos)
Fluency in AWS IAM best practices, SailPoint IIQ/IdentityNow leading practices, Okta leading practices and/or Azure AD leading practices
Knowledge of common IAM processes (lifecycle events, request/approval, password management, provisioning/de-provisioning, governance and certifications)
Knowledge of infrastructure sizing, hardening and configuration (eg VPCs, network topology, DBMS, API gateway, connectors)
Familiarity with common IAM data schemas (eg identity cubes)
Knowledge of IAM Solution error/exception handling and troubleshooting
Solid understanding of NIST/ISO standards for IAM
Leading IAM maturity assessments to identify gaps, deficiencies and recommendations
Familiarity with IAM custom development and deployment
Basic knowledge of common compliance requirements (GDPR, CCPA, PCI, HIPPA, HITRUST, DFARS, CMMC, etc.) as they relate to IAM
IAM testing strategies and methods (User Acceptance Testing, Integration Testing, Performance Testing, High Availability/Failover Testing)
Knowledge of red team strategies and penetration testing of IAM solutions
Excellent written and verbal communication skills

Basic qualifications for a supervisor-level position include:

Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences
Computer Science, Information Technology, Information Systems Management, or other similar degrees preferably with a focus on information security
Technical background in computer science and related fields
Strong knowledge of computer network technologies, protocols and topologies
Proficiency with a variety of Windows, Unix and Linux operating systems
The ability to interpret and convey technical information through written and oral communications to all levels of technical aptitude, including senior management
High degree of integrity and confidentiality, as well as ability to adhere to company policies and best practices
Possess a strong internal drive and motivation for continuous improvement

Beneficial, but not required, qualifications for a supervisor-level position include:

Certification in one or more leading IAM solutions (eg SailPoint, Okta, AWS IAM)
Practical hands-on or lab experience with IT infrastructure components such as servers, firewalls, IDS systems and other network infrastructure components
Experience with testing and development frameworks such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115
Familiar with security testing techniques such as network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, Firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box)
Prior consulting experience (eg Big Four)