Identity Security Manager

  • Location

    Solihull

  • Sector:

    IT

  • Job type:

    Permanent

  • Salary:

    Salary negotiable plus excellent benefits package

  • Published:

    9 days ago

  • Expiry date:

    2021-07-22

  • Client:

    #

Find out more about Gymshark and see all their listed jobs

We’re here to unite the conditioning community. We believe that putting the sweat in today, prepares us for tomorrow. So, we give people the tools they need to reach further, go faster, be stronger. We celebrate those who show up – for themselves – to be their physical or mental best, whatever that means for them. It’s what we want for our community, and our team. A team that’s growing rapidly around the world. A collective of talented individuals working together to invent Gymshark’s future. Our plans are ambitious, and we’re looking for people who want to join us for the ride – our growth will be your growth.

WE HIRE PEOPLE.

Real-life humans, each with their own unique set of thoughts, beliefs, cultures, identities and a background and body that is completely individual. Together, all these unique humans make Gymshark stronger.

If you’re reading this, you’re probably applying for or considering applying for a job with us, and we want you to know that Gymshark is an equal opportunity employer. For us, that means we always, and will always, strive to be as inclusive as possible in all aspects of employment and that we do not, and will not, tolerate discrimination of any kind.

Are you our next Identity Security Manager? We’re looking for someone to join our Tech Team as Identity Security Manager, you will be responsible for managing, maintaining, and assuring Gymshark’s global user identity architecture, to ensure that Gymshark stays secure and compliant to Gymshark’s Security Framework and industry best practices. 

You will support the Tech Support team as a 3rd line engineer and work with the Tech team to resolve any identity related issues as well as designing and architecting and future proofing Gymshark’s global Identity capability and security strategy.

Sound like you? Here’s the role up close:

WHAT YOU'LL BE DOING:

Management and Support: 

  • Working with key stakeholders to manage, maintain and improve Gymshark’s Global Identity (Devices and IAM/ SSO) capabilities.
  • Looking to improve and automate where possible the joiners, leavers, and movers process, including the assignment and removal of access to corporate applications and systems.
  • Implementing security features and monitoring tools and assuring our security assessment needs for Gymshark’s IAM/ SSO.
  • Coordinate with the Incident & Threat Manager and with key stakeholders on how to respond swiftly to new and emerging security threats and vulnerabilities, and aid in the investigation, management, and recovery of any suspected attacks.
  • Facilitate in reviewing externally commissioned security testing activities. Working with the Cybersecurity team and relevant stakeholders, to ensure that any vulnerabilities are promptly resolved.

Strategy: 

  • Working with key stakeholders to develop and document Gymshark’s Business Continuity, Disaster Recovery, and Incident processes for our Global Identity services.
  • Work with key stakeholders to work towards a Zero trust model so only authorised users can access Gymshark’s systems.
  • Produce, maintain and test Gymshark’s IAM/ SSO systems to ensure it meets the security needs of the Gymshark’s Security framework and compliance needs.
  • Architect and design Gymshark’s Global Identity security strategy, focusing on Zero trust and BYOD.

Collaboration: 

  • Work alongside the Cybersecurity team, and key stakeholders to manage vulnerabilities and risk in our Global Identity estate.
  • Act as the SME for Identity security and work collaboratively with teams on new projects (New or Replacement systems, etc.)
  • Act as 3rd line support capability for the Tech Support and Systems teams by assisting them in resolving any identity-based systems.
  • Ability to navigate continuously expanding organisational structures and collaborate with multiple stakeholders across functional and technical skillsets.
  • Excellent communication skills with the ability to explain Identity Security requirements in business risk terms.
  • Work with the Cybersecurity team to understand different security compromise scenarios.

 Analytics:

  • Uses analytics to measure the effectiveness of our global identity solutions (IAM/ SSO and MDM’s) to understand if we’re succeeding in the management of our Cybersecurity programme, ensuring in Gymshark’s estate is staying compliant. 
  • Work with the Cybersecurity Team to build clear jargon free standards and processes so everyone can understand them with ease. 
  • Identify any current gaps or updates to existing global identity solutions and remedy them.
  • Benchmark Gymshark global identity capability against key compliance legislation and global security standards.
  • Work with the Cybersecurity team to perform penetration tests and black box exercises to understand the effectiveness and resilience of Gymshark’s global identity security capabilities.

Knowledge and Opportunity: 

  • Attend relevant 3rd party events & Webinars to further knowledge/skills/contacts within the industry. 
  • Using data extracted from our systems to identify common issues/patterns and establish a strategy to understand why events are happening and resolve accordingly. 
  • Periodically benchmark our systems to ensure we are staying with the platforms that are most relevant as we continue to grow and expand – think long term. 
WHAT YOU'LL NEED:
  • Own or work towards, an industry recognised qualification in Cybersecurity, Identity Access Management, Infrastructure, or industry related solution.
  • Extensive experience in identity access management and/or related functions (such as Identity, Infrastructure, Cloud solution design or architecture, Identity & Access Engineer or IAM Manager)
  • Formal understanding of information security frameworks, such as PCI-DSS, ISO 27001, SOC 2, NIST Cybersecurity Framework.
  • Good understanding (working daily) with IAM and SSO Platforms.
  • Work collaboratively with global stakeholders to align on international projects and joint tasks.
  • General High level of organisational skills
  • Practical work experience in generating reports and management information.
  • Solid understanding of relevant technologies and associated technical information security controls.
  • An understanding of due diligence processes, as they relate to information security and data privacy.
  • Knowledge of contemporary and emerging enterprise security standards, approaches, practices, and industry trends.
  • Experience in supporting a global and remote/home working workforce.
  • General computer literacy is essential, as is the ability to understand system architecture and information flows. Ability to work collaboratively with other team members to deliver immediate tasks.
  • A creative problem solver with the ability to think laterally and understand the cost and value drivers within a competitive business environment.