Campari Group ricerca un Global IT Cyber Security – Identity & Access Management Lead presso la sede centrale di Sesto San Giovanni, Milano.
Want to be a crowd-stopper rather than a crowd-pleaser? Become a Camparista
At this point, you may not know exactly what it takes to be a Camparista , but you have the makings to be one of us. We’re the independent minded and passionate achievers in the spirits industry, innovating the iconic.
Be Part of Our Signature Mix
Role Context and Mission
The Global IT Cyber Security – Identity & Access Management Lead is a key role in the Global IT team reporting to the Global IT Manager, Cyber Security, located in Campari Group Corporate headquarter.
You will be responsible for leading the strategic alignment, development and operation of Identity and Access Management (IAM) services within Campari Group. The role will develop and implement an effective IAM strategy that aligns with the overall cyber security strategy of the organization.
In the role, you lead and be responsible for the technical delivery of work related to IAM tools and services from joiner, through provisioning, re-certification, dormancy, and leavers. This includes but is not limited to identity capabilities such as directory services, access management, privilege access management, SSO and MFA.
The role will also drive strategic decisions and continuous improvements to our Identity and Access controls and technical leadership.
The Global IT Cyber Security – Identity & Access Management Lead shall be responsible for supporting Campari Group’s IAM environment by ensuring that: (i) our cloud-first journey is aligned to the principle of zero trust and to recommended good/best practice; (ii) management of user access controls and identity governance processes is overseen; (iii) controls are tested; (iv) exceptions are remediated; and (v) ensure compliance with applicable regulations and industry best practices.
- Developing and implementing an effective IAM strategy that aligns with the overall cybersecurity strategy of the organization.
- Evaluating the security risks associated with different types of users and access points and designing controls to mitigate those risks.
- Defining and managing access controls, such as role-based access controls (RBAC), attribute-based access controls (ABAC), and privileged access management (PAM). This includes designing and managing authentication and authorization systems.
- Assure that key IAM zero trust requirements are embedded early in design and provide support and delivery of:
- Conditional Access
- Authentication (MFA, SSO, application integration)
- Joiner Mover Leaver (JML) identity and access considerations
- Provisioning and De-Provisioning activities
- Access Request (and approval) Management
- Privileged Access Management (PAM)
- Access Governance and Reviews
- Role-Based access Controls (RBAC)
- Identity types (internal/external/B2B/B2C)
- Logging, monitoring and alerting
- Ensuring that the organization meets regulatory requirements related to access control, such as GDPR, HIPAA, PCI-DSS, and SOX.
- Managing user identities and maintaining an accurate directory of all users, roles, and entitlements.
- Conducting periodic audits of IAM processes and controls to ensure that they are effective and aligned with the organization’s overall security goals.
- Collaborating with other teams within the organization, such as IT operations, compliance, and audit teams, to ensure that IAM processes are aligned with their needs.
- Developing and delivering training materials to educate end-users, developers, and other stakeholders on IAM-related topics.
- Evaluate and recommend new IAM technologies, tools, and processes
- Collaborate with cross-functional teams to ensure IAM solutions meet business requirements
SKILLS AND QUALIFICATIONS REQUIRED
Business / Industry Experience & Education
- Bachelor’s degree in Business Administration, Management Information Systems, Project Management, Computer Science or related discipline, or equivalent work experience
- 5+ years of relevant experience in implementing, managing, reviewing an effective IAM strategy that aligns with the overall cybersecurity strategy
- 7-10+ years proven experience working in Information Technology role
- Good technical knowledge and experience across Microsoft platforms and identity technologies is mandatory (e.g. Microsoft AD, Microsoft Azure, SailPoint, OKTA, Quest, etc.)
- Run the entire IAM universe, from joiner, through provisioning, re-certification, dormancy and leavers with a strong focus on security and user experience.
- Experience in business process and control optimization, preferably within an IT organization
- Proficient in IT governance and quality standards
- Experience writing high quality documentation and reports
- Supplier and product management including being part of RFI’s and RFP’s Demonstrated ability to work in multicultural and diverse environments
- English language fluency is a must and additional languages are an advantage
Certifications (nice to have)
Industry certification such as AZ-900: Microsoft Azure Fundamentals, SailPoint Identity Now Essentials, SC-300: Microsoft Identity and Access Administrator or other security certifications are a plus
- Leadership: Demonstrates integrity, empathy, and the ability to mobilize and mentor key stakeholders.
- Working Style: Builds professional networks, embraces change, challenges conventions, and possesses strong analytical and strategic thinking skills.
- Communication Skills: Effectively communicates digital concepts, influences others persuasively, and establishes trust-based relationships with key stakeholders.
Our commitment to Diversity & Inclusion:
At Campari Group we believe in building more value together, thus we see diversity in all forms as a source of enrichment. Our employment policies and practices ensure that we are committed to providing equal employment opportunities in all aspects of employment without regard to any individual’s race, religion, creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, sexual orientation, gender identity or characteristics or expression, political affiliation or activity, age, veteran status, citizenship, or any other characteristic protected by law.
Note to applicants:
Your application will be assessed based on your abilities, expertise, general knowledge and experience, not because of any confidential, proprietary or trade secret information you may possess. You must not disclose to Campari Group any such information. In the event that you are asked a question that cannot be answered without disclosure of any confidential, proprietary or trade secret information (including from a current or prior employer or their vendors or customers), you must decline to answer the question.
Notice to third party agencies:
Please note that we do not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Services Agreement, we will not consider, or agree to, payment of any referral compensation or recruiter fee. In the event that a recruiter or agency submits a resume or candidate without a previously signed agreement, we explicitly reserve the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency.
Candidature alla seguente pagina