IAM Engineer – Active Directory / AD Fed Ser / Azure AD Job in Massachusetts (MA), Information Technology Career, Full Time Jobs in Novartis Pharmaceuticals
Sign in
Create a candidate account
Create a candidate account
Create an employer account
Sign in to an existing account
Create a candidate account
Create an employer account
Sign in to an existing account
Forgot password
Forgot password
Sign in
Create a candidate account
Sign in
Create an employer account


IAM Engineer – Active Directory / AD Fed Ser / Azure AD job in Cambridge

Sign in
Create a candidate account
Novartis Pharmaceuticals jobs
Massachusetts (MA), Cambridge
Job Code:  248525BR
Employer:  Novartis Pharmaceuticals
Category:  Information Technology
Job Type:  Full Time

Country:  United States
State:  Massachusetts (MA)
City:  Cambridge

The Identity and Access Management (IAM) Engineer works in close collaboration with Application Managers, Security Architects, Business Analysts, IAM Operations, Information Security and Risk Management to ensure that Novartis' Active Directory, Active Directory Federation Service and Azure Active Directory are designed, configured and maintained as per defined policies, standards and industry good practices to adequately protect access to Novartis' data assets.

The IAM Engineer is responsible to translate business requirements and architecture designs into technical solutions. The IAM Engineer ensures that:
• Fixes, upgrades, patches and new versions of the software, customization requests by customers, change requests raised by underpinning services are reviewed in a timely fashion and assessed with regard to their impact on the operational IAM services, the maintainability and security of the IAM platform and resource requirements
• Changes are aligned with security architects and engineers of applications that are integrated with the IAM platform
• Changes to the IAM platform are implemented and documented according to Novartis software development and document management standards
• 3rd level support is provided according to SLAs
• Problem Management is performed according to Novartis standard processes
• Issues with the underlying software are appropriately escalated with the software provider
• Provides in depth expertise to Active Directory, Active Directory Federation Service and Azure Active Directory topics
• Provides input to the IAM capability roadmap and strategy
• Solution oriented, can define various pragmatic alternatives leading to appropriate results

In the focus area of Engineering and Solution Design to:
• Strategic design or selection of tools, technology with focus on IAM requirements of applications
• Build new solutions (proof of concepts)
• Lead technical design in changes and projects facilitating the on-boarding of applications onto IAM services

In the area of Service Innovation to:
• Identify demand/CSI, trends, (IT) best-practices
• Drive introduction of new opportunities into IAM

• Level of maturity of controls (based on IGM (Information Governance and Management) control maturity assessments, internal audits and external benchmarking or assessment) within IT for IAM security related controls and vulnerability management
• Achievement of agreed targets in terms of quality, time and cost. Ensure secure, stable and well performing system environment.
• Achievement of service levels corresponding to industry best practice (price/performance etc.)
• Achievement of modern technology and operations concepts according to industry best practice
• Levels of collaboration/working relationship/personal acceptance achieved with stakeholders inside and outside Information Security and Risk Management
• Apply professional competencies to administrate and optimize the assigned system environment.

Budget: No direct budget responsibility.
Indirect budget accountability for projects up to 10 mUSD

Headcount: No line management responsibility for Novartis internal staff
Responsibility for managing up to 25 service provider staff in remote locations

Geographical Scope: Global: all Novartis sites and divisions

High complexity:
- Engineering a crown jewel application
- Securing access to all crown jewel applications, all GxP applications, all SOX applications, all security critical applications (SCAs), all operational critical applications (OCA)
- working globally and cross divisionally

As the role is part of a global organization, willingness for required traveling is as important as is participation in telephone conferences outside of the local business hours.Position will be filled commensurate with experience

o University degree in Computer Science or Engineering (or a proven track record of 6+ years' experience in a similar role)
o Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred

• 5+ years of working as an engineer with Active Directory, Active Directory Federation Service and/or Azure Active Directory including:
o Excellent engineering skills
o Strong project management skills
o Strong stakeholder management skills
o Strong vendor management skills

• More than 3 years of experience working in an international environment
• Experience with Oracle Identity Manager, Oracle Access Manager, Oracle Unified Directory, Cyberark Privileged Access Security Suite, SafeNet Authentication Service or gemalto MobilePASS would be beneficial
• Experience with working in a regulated environment (e.g. GxP, SOX, Data Privacy, eCompliance)
• Experience with working in virtual and cross-cultural teams
• Experienced in coordinating and in directing service provider staff

• Excellent understanding of IT and IT security
• Strong understanding and knowledge of regulated industries, preferably pharmaceutical industry
• Strong understanding and knowledge of business processes in a global industry, preferably pharmaceutical industry

• Strong IT Project Management skills
• Excellent ability to manage geographically and functionally dispersed teams
• Strong knowledge of (information) risk management related standards or frameworks such as COSO, ISO 2700x, CobiT, ISO 24762, BS 25999, NIST, ISF Standard of Good Practice and ITIL

• Strong ability to handle competing priorities, and seeking consensus when stakeholders have different or even contradicting opinions.
• High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.

• Excellent written, presentation and verbal communication skills
• Fluency (oral and written) in English, any additional language is a plus
ref: (248525BR)
Back to search results

Popular locations: New Jersey (NJ) (519) | Maryland (MD) (445) | Pennsylvania (PA) (175) | Texas (TX) (173) | California (CA) (119) | Massachusetts (MA) (108) | North Carolina (NC) (107) | Delaware (DE) (102) | Indiana (IN) (67) | Ohio (OH) (30)

Popular categories: Research and Development (518) | Sales (288) | Operations (144) | Clinical Research (138) | Information Technology (101) | Sales and Marketing (96) | Other (95) | Laboratory (92) | Other (85) | Business Development (83)

Popular jobs: Manager (489) | Sales (397) | Director (386) | Associate Director (154) | Account Manager (134) | Business Development (91) | Project Management (77) | Senior Specialist (39) | Bioinformatics Scientist (29) | Account: Ophthalmics Sales Territory Manager (22)