Cyber Identity & Access Management Product Architect

Digital & Technology Team (D&T) is an integral division of HEINEKEN Global Shared Services Center. We are committed to making Heineken the most connected brewery. That includes digitalizing and integrating our processes, ensuring best-in-class technology, and embedding a data-driven culture. By joining us you will work in one of the most dynamic and innovative teams and have a direct impact on building the future of Heineken!

Would you like to meet the Team, see our office and much more? Visit our website: Heineken (heineken-dt.pl)

This role is part of the D&T department of HEINEKEN International and is in Heineken Global Shared Service. D&T is proud to bring cutting-edge innovation, strong technology, and advanced analytics to HEINEKEN. With speed and agility, we ensure HEINEKEN has the technological competitive advantages it needs to deliver on its ambition.

Cyber Identity and Access Management Product Architect is part of the leadership team withing Global Information Security Department within HEINEKENs Digital & Technology function.

The most important duty of the CyberIAM Product Architect is to design, manage, secure and communicate our identity access management architecture so we can ensure that authorized users have the right access to company systems, data, and applications at the right time and with the right purpose.

Your responsibilities would include:

• being responsible for designing, reviewing, developing, and managing the identity and access systems of an organization. Keeping it aligned with HNK Enterprise Architecture agenda and landscape
• working closely with domain architects to define the system/process boundaries and ownerships. Define criteria such as application onboarding, security acceptance criteria, etc.
• collaborating with product and domain architects across the organisation and develop a consensus-based enterprise solution that is scalable and fit for purpose in the HEINEKEN landscape
• creating and implementing policies and procedures for access control, identity management and lead in the development of policies, standards and guidelines that direct the selection, development, implementation and use of enterprise Identity and Access technologies
• providing guidance and coaching to the engineers for IAM related topics
• driving the adoption of creative solutions to address complex, global IAM problems
• helping defining and incorporating global best practices of broader product team KPIs and value measurement/delivery of scope. working with Product Team(s) to define product epics and plan the Sprints including deciding on Sprint content and priority; ensures backlog prioritization are aligned to strategic business requirements, budget considerations, optimal value delivery and non-functional requirements.

You are a good candidate if you have:

• a bachelor degree or higher in information security or related field
• 10+ years work experience
• 8 years of experience in IAM or a related field.
• proven work experience as an IAM Architect or similar role with proven successful results
• experience with IAM/IGA solutions and technologies with proven successful results
• experience with identity and access management tools, such as Sailpoint, Active Directory, LDAP, and Azure AD
• strong understanding of authentication protocols, such as SAML, OAuth, OpenID, OpenID Connect, and Kerberos
• worked in team adopting agile methodologies
• designed and implemented identity management, role-based access control, and authentication systems
• familiarity with IT security principles, architecture and strategy
• a solid understanding of security protocols, cryptography, and authentication protocols
• an understanding of compliance regulations and security standards
• strong problem-solving and analytical skills
• advanced knowledge of Sailpoint (IDN/ISC or IIQ) and/or multiple other IAM/IGA solutions
• professional certification such as Certified Information Systems Security Professional (CISSP), Certified Identity and Access Manager (CIAM) or Certified Identity Management Professional (CIMP) is a plus
• strong technical skills, including experience with identity and access management solutions
• strong communication skills, able to explain complex architecture designs and criteria in simple words and convince stakeholders
• strong team-working spirit
• experience in project management, system design, and system integration is also beneficial
• experience with cloud technologies, directory services, and single sign-on (SSO) would be advantageous
• excellent written and verbal English.

At HEINEKEN Kraków, we take integrity and ethical conduct seriously. If someone has concerns about a possible violation of legal regulations indicated in Polish Whistleblowing Act or our Code of Business Conduct, we encourage them to speak up. Cases can be reported to global team or locally (in line with the local HGSS Whistleblowing procedure) by selecting proper option in this tool or by communicating it on hotline.