**Job title**: _Identity Trust Expert_
- _ Location (Mexico, Bridgewater, Boston, or France)_
- _ 50% Remote working and 10% of travel expected _
- _Job type: Permanent Full time_
About the job
**Our Team**:
Are you passionate about the intricate dance of digital identities and the symphony of privileges and access controls? Do you thrive in the dynamic world of directories (Active Directory, Azure AD) where each configuration tweak orchestrates a seamless user experience? If so, we have the perfect stage for your talents.
Part of the Global Cyber Security team within the Digital organization, you will be a maestro of our identity and access management band. Your role will be to own and conduct the harmonious integration of a new privilege management solution. From composing elegant access controls to fine-tuning troubleshooting and deviation remediations, you will steer the ensemble towards a crescendo of security, compliance, and trust.
So, if you're based in Mexico, Bridgewater, Boston or France and ready to take the stage and showcase your chops, join us as we compose the future of IAM where your expertise will be instrumental in the genesis of our digital identity masterpiece.
**Main responsibilities**:
- Deploy, manage, govern, and define the strategy for privilege elevation solution on endpoints, ensuring secure access to resources while minimizing the risk of privilege abuse.
- Service owner of privilege elevation solution, management of stakeholder's network, and follow-up on related SLAs.
- Continuously improve monitoring capabilities around least privilege rules, delegation management, third party authentication, privilege escalation risks. Further expand the deviation types to be monitored and remediation means (Tools, scripts, GPOs ).
- Ensure privilege elevation IT solution is well integrated in our Ecosystem going along with identity management platforms such as Bastion and Identity provisioning & Access lifecycle.
- Technically support the Cybersecurity toolset regarding systems Access Management services.
- Developing, maintaining, monitoring security KPIs and dashboards to manage security risks, track deviations and produce appropriate remediation and improvement plans.
- Ensuring a coherent and harmonized definition and adoption of security processes and solutions within the organization throughout their life cycles.
- Contributing to the crisis management process development.
- Ensuring the cyber compliance of Sanofi and its partners through preventive and corrective actions. Lead, contribute or manage the investigation of deviations, definition of the remediation plans and operational implementation.
- Conducting technical audits and contributing to internal audits. Defining, coordinating, and performing sanitation actions.
- Contributing to global projects (Cyber, Infrastructures, Business) around security breaches anticipation and remediations, mergers and acquisitions, Azure AD entitlement management, major developments around security technologies and solutions.
- Contributing to the definition of the overall strategy for Sanofi's digital infrastructures and services, ensuring that the security risks and directives are included in the roadmaps.
- Develop and maintain documentation, standards, and best practices for privilege management on systems, fostering a culture of continuous improvement and proactive risk management.
- Stay current with industry trends, emerging technologies, and best practices in identity and access management to enhance cybersecurity resilience.
About you
**Minimum Qualifications**:
- Bachelor's degree in Cyber Security or Computer Science or relevant verifiable work experience.
- 3 years of technical experience around Privileges/Access/Identity and Active Directory management in a large corporation with multiple lines of business and ideally a Cyber Security culture.
- Proficiency in Windows and Linux OS, especially on administration and security, access right management and understanding of vulnerabilities and attack techniques.
- Ability to address all security topics on a global scale. Performing in an international, intercultural and transversal environment.
- Ability to understand business needs and translate them into technical solutions.
- Familiar with all security aspects of IS and technologies (Governance, policies, processes, technologies, tools and indicators).
- Leadership and communication skills to convince and liaise with the various stakeholders, within and beyond the Digital organization.
- Good English skills.
**Desired** qualifications**:
- Embody Cybersecurity mindset as enablers and facilitators versus blockers.
- A solid operational experience in accounts, privileges, authentication management across multiple platforms and solutions.
- In-depth knowledge of architecture design, security best practices, processes, tools around Privileges/Access and Active Directory management.
- Experience in scripting and programing l