Head of Identity and Access Management - Leeds

"Everything about Asda" 

We are a values-led organisation. As such we, encourage everyone to be open and honest. We work creatively and collaboratively, valuing everyone's input. 

Our collaborative culture, the size of our business and our belief in the empowerment of the individual means opportunities at Asda are abundant. 

We conduct 300m worth of transactions every week. Our website handles over 2 million transactions a month. We have more than 145,000 dedicated Asda colleagues ensuring that our customers are at the heart of everything we do.  

"Everything you'll love "  

Hybrid and flexible working - everyone is looking for that work/life balance and Asda have it on point. Flexible working meaning you work where it works to meet both your needs and the business needs  Discretionary bonus - Rewarding you for your hard work and efforts  Company Pension Scheme matched to a limit  - Looking forward to the future  Minimum 24 days annual leave per year plus 8 bank holidays - Making sure you take time for your self and switch off 

4 weekly pay - which means you get an extra payday a year  Digital GP and Wellbeing sessions - Asda genuinely cares so we create a culture where our people can perform at their best, the physical health and mental wellbeing of all our people is very important to us  Discount off your shopping at Asda and George - with extra discounts running throughout the year - really makes a difference, saving the colleagues an average of 700 a year  Career development and apprenticeship and graduate schemes - we want our colleagues to excel and grow with our business. (Link to grad scheme on Asda page)   Free city centre parking - you can also use it outside working hours 

Plus much more! 

"That's more like it" 

Responsible for the day-to-day management of supplier relationships, delivery of application maintenance and application lifecycle.  Supports incident and problem management and manages the backlog, identifying trends to improve service.  Supports communication with business during incident/problem resolution and engages for decision making when incidents are operationally impacting.

"Find your role"  

Job Overview

The Head of Identity & Access Management (IAM) role assures the secure operation of the ASDA technology (IT) and processes through developing and implementing new IAM capabilities, amending and improving existing capabilities, as well as enabling the use of such capabilities across the organisation.

This role is a key part of our Information & Cyber Security team and provides excellent opportunities to liaise with key external and internal stakeholders while strengthening our Information & Cyber Security function.

The role will work closely with both the CISO and the business units within ASDA.

Principal responsibilities include:

• Direct and deliver Future Programme IAM activities, focusing on new enterprise-grade technology, procedural and organisational capabilities across the organisation.
• Define and drive implementation of IAM roadmap and strategy in conjunction with the CISO and security architects.
• Direct the delivery of IAM-related projects across the enterprise, including Technology and Business Units project portfolios, by providing necessary IAM subject-matter expertise, team resources and contribution to both secure solution designs and configurations.
• Direct technical and organisational delivery of complex Identity and Access Management solutions that enable colleagues, customers and vendors to access systems and data while maintaining the principle of least privilege.
• Define IAM policies and standards in alignment with the new ASDA Information Security Policies & Standards in application to IAM solutions including but not limited to, critical areas such as: single sign-on (SSO) for external and internal users, role-based authorisation and segregation of duties (SoD), privileged access, automation of Identity provisioning and de-provisioning, access re-certification, and user identity stores.
• Direct and lead the research focused on identifying emerging technology solutions that reduce risk, optimise cost, and improve security posture while providing business value through enhancing business process efficiencies, improving user experience, and enabling business capabilities.
• Support architectural governance and design review boards and committees as applicable to the IAM architectural technology domain standards, frameworks, design templates, standards, reference architectures and guidance materials.
• Collaborate with internal stakeholders (Technology, Data, Privacy, Legal, HR, Internal Audit, Business Units) and external stakeholders to develop roadmaps and deployment plans for IAM solutions and related processes in line with strategy.
• Direct evaluation of IAM components of the enterprise architecture, conducting feasibility studies for selecting appropriate and cost-effective solutions.
• Lead engagement of third-party specialist service providers and vendors where necessary to support IAM deliverables, including carrying out vendor and product selections and organising necessary operational support services.
• Report regularly to the CISO on the status of the IAM activities, including various operational metrics and updates for risk and remediation actions.
• Develop talent in the IAM team and support team recruitment objectives.
• Manage IAM budget within annual plan.

Required Experience and Qualifications:

• Minimum of 15 years of professional experience in overall, IT Delivery, IT Program Management, Information Security.
• An information security professional certificate such as CISSP, CISM or IAM qualification.
• An ITIL, project management or IT architecture, such as TOGAF, CEH or GIAC or other related qualification.
• Working knowledge of IT governance frameworks and standards such as CobiT, ITIL, ISO27001, NIST.
• Working knowledge of IT architecture frameworks such as TOGAF and/or project management methodologies
• Working knowledge of regulatory and legal requirements frameworks related to information security in Retail e.g. PCI-DSS, PII, GDPR.
• Experience in information technology related positions with working knowledge of IAM processes and domains including user registration, user on-boarding, authentication, authorization, privileged access, user identity stores.
• Experience in and working knowledge of project management methodologies including systems development lifecycle.
• Ability to lead complex, cross-functional problem-solving initiatives.
• Strong leadership, people management and talent development skills.
• Excellent communication skills, including ability to communicate at all levels of the organisation.
• Relationship building skills and ability to influence change without direct authority.
• Attention to detail combined with strategic perspective.
• Excellent vendor and supplier management skills, including vendor performance management.
• Ability to maintain high level of confidentiality when dealing with sensitive information

"Find your everything at Asda" - bringing brighter living within everyone's reach. 

We are passionate about creating a diverse and inclusive workforce, representative of the communities we serve, and are creating ways to inspire diverse talent to join Asda. 

If you have any questions, then please email  maariyah.s.akram@asda.co.uk