Lead Analyst, Cyber Security

This opportunity would allow you to apply your strong understanding of designing, configuring, implementing, and supporting Identity Governance & Administration (IGA) solutions and processes. As a Lead IT IAM Engineer (IGA) you will work directly with technology and business partners in a global organization to ensure the IAM services and technology are delivered in accordance with Cyber Security strategy. In this role, the Lead will be part of the Identity and Access Management within Cyber Security and will collaborate with many cross functional teams within and outside of Smurfit Westrock\u2019s IT Solutions including Infrastructure & Services, Productivity & Platforms, Core Engineering, Operations, Service Delivery, Human Resources IT teams to grow and mature IAM security program, while protecting Smurfit Westrock\u2019s identities and access protocols from the latest threat actors and threat vectors. You will be responsible for technical deployment, rollout, maintenance, and support of key IAM processes and security practices related to Identity Governance and Administration (IGA) and end-to-end identity lifecycle management systems (SailPoint Identity Security Cloud - ISC / IdentityNow or other IGA Solutions), implementing birthright access provisioning/de-provisioning, establishing access certifications/governance workflows, as well as developing and supporting Role Based Access Control (RBAC) frameworks and modern access management solutions, such as single sign-on, multi-factor authentication, proper authorization etc. The successful candidate will have excellent collaboration and communication skills.

How you will impact Smurfit Westrock:

• Provides technical support across IAM applications to define, implement and enhance current and new IAM software, hardware requirements, delivering and supporting IGA applications, solutions, and processes

• Provide support with respect to implementation, and concurrent delivery of two or more Identity platforms (i.e., IGA and PAM) such as SailPoint, Saviynt, BeyondTrust, Okta, Ping Federate, Microsoft Azure AD

• Assist with configuring, implementing, maintenance, and documentation of all layers of IAM applications and robust identity and access solutions including tools to support account creation, onboarding, offboarding, user provisioning, deprovisioning, authorization, authentication, single-sign, federated identities, multi-factor authentication, and privileged access management activities

• Assist to modernize access control protocols, design from scratch, implement, and maintain role-based access controls (RBAC) and birthright provisioning/de-provisioning mechanisms to execute and maintain a strategy of "least privilege"

• Conducts proper root cause analysis and make recommendations to improve IAM processes or prevent future occurrence of end user access issues

• Assist in the analysis of user and permission data, and the development and documentation of test cases for applications on boarding, user access and other identified entitlements repositories that have been re-permissioned.

• Bachelor\u2019s degree or a similar level of training in IT and information security

• 8-10 years of IT experience focused on Identity Governance Administration (IGA) and other security practices.

• 8-10 years working knowledge of two or more IGA solutions (SailPoint, Saviynt, One Identity), etc

• 8+ years hands-on knowledge and experience with designing, configuring, implementing, and supporting IAM solutions such as SailPoint, Saviynt, BeyondTrust, Thycotic, CyberArk, Okta or Ping Federate or any IDAM tools

• Minimum 8 years hands-on experience with Identity Life-cycle Management processes and Identity Governance related to onboarding and offboarding, good understanding of Active Directory, Single Sign On (SSO) and modern authentication and authorization standards and protocols (i.e., SAML, OpenID Connect, OAuth)

• Solid understanding of IGA concepts and frameworks to resolve IAM complex issues in effective/creative ways

• Hands-on technical ability to support (SailPoint Identity Security Cloud - ISC / IdentityNow)

• Minimum 8 years\u2019 experience and know how in any combination of Cloud (AWS IAM), Network, Cyber

• Some understanding of Domains, Trusts, AD replication (configuration and troubleshooting), and Group Policy Object (GPO) management and experience in completing Identity migrations post-merger/acquisition.

• Experience with JavaScript, Python, Ruby, PowerShell, or other scripting languages

• Strong experience with Java, BeanShell, XML, and SQL

• Minimum 4 years working with Amazon Web Services (AWS) including EC2 and Lambda

• Certifications a plus such as: CISSP, CISM, CRISC, CISA and other similar IAM related certifications.

• Must have strong communications skills with the ability to interface with both executives and technical staff

• Experience running risk management programs and IT architecture planning and implementation.

• Travel up to 30%, although this may be higher when ramping up

• Professional proficiency with the MS suite of products (Word, Excel, PPT, Visio, Project)

• Self-directed, results-oriented and ability to work under tight deadlines in a fast-paced environment

• Strong attention to detail, analytical, decision-making, effective document, and process review skills

• Demonstrates strategic thinking in application of security technologies and interoperability

Our technology organization is transforming how we work at Smurfit Westrock. We align with our businesses to deliver innovative solutions that