OBS! Ansökningsperioden för denna annonsen har
passerat.
Arbetsbeskrivning
Identity and access management professional/specialist
The challenge we offer
If you are reading this, you probably already know that Polestar is an electric performance car brand. We work hard to create a unique experience for our customers! The thrill of driving the car, the digital experience of buying, owning, and controlling a Polestar require us to push the limits of technology. Sustainability has been at the heart of Polestar since the beginning, and we have set a moonshot goal for climate neutral cars in 2030. There is an ocean of opportunities in this for talented IT professionals who want to dive in and make a difference.
The Information Security department at Polestar is expanding as the company is growing. Polestar is active in many countries and new markets are added at rapid pace. The IT landscape complexity is quickly increasing; therefore, we must ensure the our safety and security against rising cybersecurity threats.
About the role
As part of the information Security team at Polestar you will collaborate with colleagues who have focus on various security and privacy domains. While other members of the Information Security department provide specialized skills and knowledge on cryptography, Red Team/Penetration testing, security architecture and privacy, you will be our resident expert on Identity and Access Management. We complement each other and together we work towards a better security [KA1] (#_msocom_1) program.
You will shape and support the identity and access management capability of enterprise IT, products, and our customers. You provide a clear frame and goals for the operational teams to ensure an efficient and secure Identity and Access Management. You work with stakeholders to identify risks associated to identity and access of products and services. You will define strategies and policies, provide guidance, design, and educate the internal stakeholders.
What you will do
- You will oversee the governance, ownership, strategy and focus decisions of identity and access management capability and processes as well as coordinating with stakeholders.
- Defining and setting standards and practices in IAM capability
- Define a role-based and transparent methodology and control-objective IAM environment for Polestar
- Defining KPI and OKR related to maturity and effectiveness of the IAM program, ensuring conceptual relation to the KPI and OKRs within ecosystems.
- Supporting the risk management and risk analysis related to InfoSec within various ecosystems.
- Consulting ecosystem stakeholders on risk treatment options and IAM architecture.
- Formulating tactical goals for the IAM practices and laying out roadmaps.
- Managing stakeholders for the ”Security Champions" in IAM capability and promoting InfoSec culture.
- Supporting awareness and training capability tailored for IAM
- Contribute to the Threat and Risk Analysis with your specific IAM perspective
- Provide a good balance security with convenience for IAM.
Personal qualities
- At Polestar we are building a new company. It requires that you are a shaper, i.e., you can create a process where there is none today and you are the one that proposes a solution.
- You want to create the best and most efficient protection for the company.
- Open minded. While you shape and create you reflect on how that affects the other departments.
- You can express what people must or need to do in a clear and convincing way.
- Embraces a culture of trust, free thought complete transparency
Skills and experience
- A Bachelor’s or master’s degree in computer science or relevant education
- Working experience in digital organizations and Information Security
- Good working experience in control areas of the ISO 27001:2022 and knowledge of relevant industry standards (e.g., NIST 800-53, ISO 27001, ISO 27018, EN 62443 and GDPR).
- Background in adopting industry standard enterprise wide IAM technologies and concepts.
- Well understanding of design of a security architecture and necessary interfaces between the different components and stakeholders
- Experience in managing technical priorities.
- Proficient in explicit trust model and least privileged principals
- Extensive experience in designing RBAC and ABAC
- Experience in designing and implementing IAM policies and strategies
- Proficient in identity and access management in DevOps environments.
- Good working experience with IAM in AWS, Azure and GCP.
- Extensive experience in identity and access lifecycle.
- Extensive background in IAM automation processes and workflows.
- Deep understanding of Oauth, OpenID connect, SAML and relevant protocols.
- B2B and B2C access control.
- Application, systems, and API access management.
- Well understanding of privacy issues.
- Extensive experience in managing privileged access.
- Working experience in directory services, access brokers, DLP and SaaS based identity.
- Good understanding of the current IAM threat landscape.
- Good scoping skills. Understanding legal requirements and incorporate that into your solution proposal is a plus.
- Having certifications like CIAM, CIMP, CISM, CISA, CRISC, OSCP, CISSP or CCSP is a plus.
People at Polestar
At Polestar, you will be part of a cross-functional and international team, with English as a natural language for written and spoken communication. Since Polestar’s in a scale-up phase you thrive by working in a fast-paced environment.
We know that a change is needed. We also know that each one of us can help bring about that change. Our commitment to becoming climate-neutral by 2040 is just as important to us as being inclusive, diverse, and innovative. Together, we are creating, collaborating and experimenting to usher in a new era of sustainable mobility.
We are an electric performance brand, determined to improve the society we live in.
Is this you? If you are interested in joining the Polestar family, don't wait with submitting your application. We apply a continuous selection process and the job post will be open until the position is filled.
Are you ready for the journey? Which is electric by the way...