Job title: identity trust expert
location: mexico, bridgewater, boston, or france
remote working: 50% remote, 10% travel expected
job type: permanent full time
overview
part of the global cyber security team within the digital organization, you will be a maestro of our identity and access management band. Your role will be to own and conduct the harmonious integration of a new privilege management solution. From composing elegant access controls to fine‑tuning troubleshooting and deviation remediations, you will steer the ensemble toward a crescendo of security, compliance, and trust.
responsibilities
* deploy, manage, govern, and define the strategy for privilege elevation solution on endpoints, ensuring secure access to resources while minimizing the risk of privilege abuse.
* service owner of privilege elevation solution, management of stakeholder’s network, and follow‑up on related slas.
* continuously improve monitoring capabilities around least privilege rules, delegation management, third‑party authentication, privilege escalation risks. Further expand the deviation types to be monitored and remediation means (tools, scripts, gpos).
* ensure privilege elevation it solution is well integrated in our ecosystem along with identity management platforms such as bastion and identity provisioning & access lifecycle.
* technically support the cybersecurity toolset regarding systems access management services.
* develop, maintain, and monitor security kpis and dashboards to manage security risks, track deviations, and produce appropriate remediation and improvement plans.
* ensure a coherent and harmonized definition and adoption of security processes and solutions within the organization throughout their life cycles.
* contribute to the crisis management process development.
* ensure the cyber compliance of sanofi and its partners through preventive and corrective actions. Lead, contribute or manage the investigation of deviations, definition of the remediation plans and operational implementation.
* conduct technical audits and contribute to internal audits. Define, coordinate, and perform sanitation actions.
* contribute to global projects (cyber, infrastructures, business) around security breach anticipation and remediations, mergers and acquisitions, azure ad entitlement management, major developments around security technologies and solutions.
* contribute to the definition of the overall strategy for sanofi’s digital infrastructures and services, ensuring that the security risks and directives are included in the roadmaps.
* develop and maintain documentation, standards, and best practices for privilege management on systems, fostering a culture of continuous improvement and proactive risk management.
* stay current with industry trends, emerging technologies, and best practices in identity and access management to enhance cybersecurity resilience.
minimum qualifications
* bachelor’s degree in cyber security or computer science or relevant verifiable work experience.
* 3 years of technical experience around privileges/access/identity and active directory management in a large corporation with multiple lines of business and ideally a cyber security culture.
* proficiency in windows and linux os, especially on administration and security, access right management and understanding of vulnerabilities and attack techniques.
* ability to address all security topics on a general scale. Performing in an international, intercultural and transversal environment.
* ability to understand business needs and translate them into technical solutions.
* familiar with all security aspects of is and technologies (governance, policies, processes, technologies, tools and indicators).
* leadership and communication skills to convince and liaise with the various stakeholders, within and beyond the digital organization.
* good english skills.
desired qualifications
* embody cybersecurity mindset as enablers and facilitators versus blockers.
* a solid operational experience in accounts, privileges, authentication management across multiple platforms and solutions.
* in‑depth knowledge of architecture design, security best practices, processes, tools around privileges/access and active directory management.
* experience in scripting and programing l
#j-18808-ljbffr