Cybersecurity Architect - IAM

CAA Club Group•Nashville, TN

About The Position

Who we are Creative Artists Agency (CAA) is the world’s leading entertainment and sports agency, with offices in Los Angeles, New York, Nashville, London and Beijing. Founded in 1975, CAA represents many of the most successful professionals working in film, television, music, theatre, video games, sport, and digital content, and provides a range of strategic marketing and consulting services to corporate clients. The Role This is a hands-on security position working within the Information Security group and with the internal IT department at large. We are looking for candidates who have a passion for cyber security, identity management and threat response. You will provide domain expertise to design and develop the capabilities of the identity and access management platform and the automation of application deployment pipelines to the platform. As a key leader in our security organization, the Cybersecurity Architect will drive the development of secure design principles, reference architectures, and security standards across a modern, SaaS-enabled and cloud-first ecosystem. This includes securing complex identity flows, third-party integrations, APIs, and distributed systems while addressing the shared responsibility model inherent across SaaS and internally developed line of business platforms. In this role, you will be an essential partner and technical specialist for identity and access platform development and provide thought leadership on enterprise security and architecture across identity access and governance. You will be a key part of our efforts to enable the business needs in a highly collaborative organization. The environment is fast-paced and commonly on the leading edge of technology, including early adoption of various cloud services along with the challenges of integrating those services into our security practice.

Requirements

A minimum of 7 years in Information Technology, ideally with a focus on information security
A minimum of 3 years’ experience in identity and access management Architecture or Engineering
A Bachelor’s or Master’s Degree in a relevant field of work
Experience architecting IAM projects from design through implementation
Strong communication and presentation skills with ability to explain complex concepts to both technical and non-technical audiences
Have designed and supported the implementation of Zero Trust Identity architecture
Understanding of OAuth, SAML and OpenID frameworks
An understanding of the fundamental operations of servers, operating systems, networks, firewalls, cloud applications, and infrastructure
Knowledge in automation and integration with SaaS applications
Knowledge of lifecycle management and provisioning and de-provisioning
Knowledge of different MFA and compensating controls for identity
Knowledge of privilege identity management, privileged access management, and concepts of just in time provisioning, just enough access, and principal of least privilege
Knowledge of scripting in at least one of the following languages: PowerShell, Python, JavaScript

Nice To Haves

Cross-team collaboration and vendor management
Set up and integrations for Single Sign-On with various SaaS vendors
Knowledge and experience of SCIM integration
Account set-up and access management
Application development and DevSecOps pipeline
Building and using REST APIs
Experience creating and supporting identity framework or IDaaS
An understanding of the NIST framework and using a continuous improvement loop

Responsibilities

Maintain architectural diagrams and workflows of the identity access management platform
Provide design, evaluation, analysis, of identity and access management programs to support the company’s strategy
Develop standards and guidelines for access management across the company and department
Understand user lifecycle management; including provisioning/de-provisioning, access requests, user entitlements and audit & validations
Collaborate with HRIS, IT service owners, service desk and end-users to gather feedback and design solutions with identity related workflows
Present on design & vision that meets user and business needs
Design overall structure for new and existing cloud and on-premise applications into the identity access management platform
Create identity governance workflows with the concepts of attestation and auditing.
Ensure systems are scalable, maintainable and meet business needs
Create documentation to support architectural decisions and workflows
Review identity workflows and processes for lifecycle management, auditing, reporting, governance and self-service
Design a RESTful identity API to provide Identity as a Service to downstream services and directory owners
Play an active role in CAA’s security incident response efforts, working to identify and mitigate information security threats

Benefits

Equal Employment Opportunity
Does not discriminate against individuals based on housing status, including the absence of a fixed address.
Complies with the Americans with Disabilities Act and applicable state and local laws regarding providing reasonable accommodation for qualified individuals with disabilities.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume