Information Security Manager-IAM (34537-MMCC) at MathWorks in Natick, MA

Summary

MathWorks has a hybrid work model that enables staff members to split their time between office and home. The hybrid model provides the advantage of having both in-person time with colleagues and flexible at-home life optimizations. Learn More: https://www.mathworks.com/company/jobs/resources/applying-and-interviewing.html#onboarding.

Position Summary

The Information Security Manager role will oversee and manage our Identity and Access Management (IAM) programs and strategy including Privileged Account management, security awareness, and phishing initiatives across the organization. The ideal candidate will possess a strong background in information security and a proactive approach to safeguarding our company's digital assets. We particularly value excellent leadership skills in our ideal candidate, who will manage and lead a diverse team of IT Security Analysts in day-to-day operations, project planning, and execution of IT Security initiatives.

IAM Activities

Facilitates the use of technology-based tools or methodologies to review, design and/or implement products and services to provide a strong IAM program that balances access with compliance and confidentiality and business requirements

Identifies and evaluates complex business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement

Identifies the broader impact of current decisions related to user access, data access and information security

Acts as subject-matter-expert on all IAM disciplines including identity governance and administration, (IGA), Access Management, (SSO, MFA), privileged access management and identity verification, (ID Proofing, etc.)

Provides management status reporting to include accomplishments, plans for upcoming activities and overall completion status on a regular basis ensuring all milestones and deliverables are achieved within communicated deadlines

Own the lifecycle management of all IAM technologies and its associated infrastructure

Aligns IAM processes across the organization where applicable, and develops and documents standards for organizational use

Collaborate with IT and other departments to integrate IAM solutions with existing systems

Partner with other business security units to gain alignment and support the overall strategy for internal and external IAM program

Business Strategy

Envisions business outcomes and works with business leaders to create business initiatives

Aligns IAM processes across the organization, and develops and documents standards for organizational use

Partners in an IAM selection process, evaluates existing and emerging technologies and tools in the selection of an IAM service offering for the business units

Understands business and information technology management processes and demonstrates advanced understanding of business processes, identity-first security, internal control risk management, IT controls and related standards

Awareness, Training and Other Communications

Fosters an understanding of the need for and application of the IAM system, and facilitates decision making with the business users

Builds and nurtures positive working relationships with business units

Identifies opportunities to improve engagement with the business units

Design and deliver security awareness training programs for employees.

Develop engaging content to educate staff on security best practices and emerging threats.

Conduct regular phishing simulations and other security awareness exercises.

Evaluate the effectiveness of security awareness programs and make improvements as necessary

MathWorks nurtures growth, appreciates diversity, encourages initiative, values teamwork, shares success, and rewards excellence.

Responsibilities

Oversee team operational and project tasks by managing Kanban and sprint planning boards to help support the project management aspects of day-to-day operations

Ensure effective coordination and direction of team activities while actively participating in organizational, project, and team meetings

Develop and execute information security plans that align with the company's goals. Guide the security team in their crucial role and collaborate with other departments to ensure unified security measures

Oversee, develop, implement, and enforce the IAM program supporting the organization. The identity program includes privileged account management, user account management oversight, enhancement of authentication systems, and integration into the identity governance and administration solution

Oversee the development and implementation of security awareness training programs, including phishing simulations, educational content, and program evaluation

Manage vendor relationships and collaborate across departments to ensure cohesive security practices. Prepare regular reports for management, stay informed about the latest security trends, and manage resource allocation for security programs

Manage the Zero Trust program to align with the company's objectives

Qualifications

Proven experience with operational management in diverse environments

Automating security processes and workflows for efficiency and repeatability

Experience implementing security processes within CI/CD pipelines for cloud-native applications

Strong analytical skills and the ability to work with teams on complex security tasks

Understanding and experience with NIST CSF, SOC2, ISO27001, NIST SP800-171 and NIST SP800-53

Experience of Ping Federation, SailPoint, and other Identify access management solutions.

Experience in managing and implementing identity and access management solutions, identity governance, and administration systems.

Professional certifications such as CISSP, CISM, or CISA are highly desirable.

Knowledge in managing and implementing identity and access management solutions and identity governance and administration systems.

Knowledge of Information Security best practices

Strong understanding of IAM principles and best practices

Strong knowledge of data security principles and best practices

Experience with management of IAM and data loss prevention systems

Extensive leadership experience in overseeing high-performing teams in a highly collaborative environment

Required Qualifications

A bachelor's degree and 7 years of professional work experience (or equivalent experience) is required. 2 years management experience is required.

The MathWorks, Inc. is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is available here.MathWorks participates in E-Verify. View the E-Verify posters here.