Job Description

Four Seasons Hotels and Resorts is a global, luxury hotel management company. We manage over 120 hotels and resorts and 50 private residences in 47 countries around the world and growing. Central to Four Seasons employee experience and social impact programming is the company?s commitment to supporting cancer research, and the advancement of diversity, inclusion, equality and belonging at Four Seasons corporate offices and properties worldwide. At Four Seasons, we are powered by people and our culture enables everything we do. The Manager, Identity and Access Management will lead the development, delivery, and maintenance of Four Seasons? enterprise Identity and Access Management program. The responsibilities of the Manager, Identity and Access Management encompass strategic planning, solution implementation, access governance, monitoring, incident response, and continuous improvement to ensure the effective management of identities within Four Seasons. This role is based in Four Seasons Hotels and Resorts, Toronto Corporate Office, reporting to the Senior Director, Global IT Security. This role involves interactions with primarily internal stakeholders at various levels. What You?ll Be Doing Identity Governance & Administration:

• Demonstrated ability to lead a team of technical experts and run large-scale IAM projects.
• Effectively collaborate with different internal teams to ensure a comprehensive and cohesive security awareness program.
• Develop and implement policies and procedures related to security awareness.
• Design, manage, and maintain Identity & Access tools and applications and work with cross-functional teams to ensure platforms are built to specifications.
• Establish appropriate relationships and procedures with IT and business units within Four Seasons and establish roles and responsibilities for the IAM practice.
• Support new and existing integrations with core IAM platforms and services.
• Provide technical, architectural, deployment, and operational leadership of IAM platforms.
• Managing user lifecycle and certification for colleagues and partners globally.
• Perform user administration across various identity applications and systems.
• Ensuring IAM based service requests are being addressed as per SLA.
• Govern and continually improve processes that focus on risk-based access control.
• Support GRC teams to meet compliance requirements through the review of evidence and creation of remediation plans, if necessary.
• Committed to staying up to date with the latest security trends, technologies, and best practices. This includes pursuing relevant certifications, attending industry events, and networking with other professionals in the field.
• Develop and deliver internal training material and education programs internal teams.
• Controls are critical to ensure that the security program is aligned with best practices.
  
  

Privileged Access Management:

• Developing a strategic roadmap for implementing and managing the Four Seasons PAM program. This involves defining the goals, objectives, and policies that govern privileged access and ensuring alignment with business requirements.
• Perform PAM administration activities in accordance with security policies to ensure that credentials are stored securely and provided to authorized accounts.
• Implement monitoring and auditing mechanisms to track and log privileged access activities. Analyze access logs and identifying any suspicious or anomalous behaviors. Conducting regular audits to ensure compliance and identify areas for improvement.
• Managing the lifecycle of privileged accounts, including creation, modification, and termination.
• Defining access rights and permissions for privileged accounts, establishing roles and responsibilities, and implementing segregation of duties (SoD) policies.
• Regularly reviewing access privileges, removing unnecessary privileges, and ensuring compliance with internal policies.

Who You Are

• You are detail-oriented, highly organized, and effective at prioritization and time management.
• A strong focus on delivering stakeholder satisfaction and results by anticipating and meeting stakeholder needs, expectations, and requirements.
• Creative mindset ready to provide fresh ideas on develop engaging and innovative security awareness materials.
• Collaborative attitude is must-have. Candidate will be required to work with colleagues throughout the business to onboard applications in a consistent manner.
• Ability to adapt to changing security landscapes and adjust the IAM program accordingly.
• With access to highly privileged information, it is essential to demonstrate ethical conduct, maintain confidentiality, and adhere to professional standards and legal requirements related to data privacy and security.
• The ability to stay abreast of industry best practices and emerging trends in Identity Management and continuously update knowledge and skills.
• A comprehensive understanding of cybersecurity principles, concepts, and technologies. This includes knowledge of common threats, vulnerabilities, and attack vectors.
• Strong familiarity with identity management systems, access management tools, single sign-on (SSO) solutions, multi-factor authentication (MFA), privileged access management (PAM), and federation protocols (such as SAML, OAuth, and OpenID Connect).
• Strong familiarity with cloud IAM providers, such as AWS IAM, Azure Active Directory, and their features like identity federation, role-based access controls, and cloud-based SSO.
• Familiarity with various security tools and technologies such as firewalls, intrusion detection systems, endpoint protection, and data encryption technologies is essential.
• Familiarity with a variety of the information security, networking, and governance concepts, practices, and procedures.
• Ability to clearly communicate with technical and non-technical stakeholders is essential.
• Thorough understanding of regulatory and compliance requirements, such as PCI-DSS, GDPR, CCPA, etc.
• Ensure annually required Security Awareness Training is completed by colleagues to ensure compliance with internal policies and regulatory requirements.
• Manage third-party vendor relationships and ensure that vendors comply with the organization's policies and procedures.

What You Bring

• Bachelor?s degree or equivalent business qualifications.
• 3+ years of experience in building and managing an enterprise IAM program.
• 5+ years of experience of governance and management of Microsoft Directory and IAM product suites and (e.g., AD, Azure AD, Conditional Access, etc.) in an enterprise environment.
• Strong understanding of security best practices including NIST CSF, PCI DSS, and other leading control frameworks.
• Strong understanding with IAM related protocols such as SAML, SCIM, OpenID, OAuth.
• Strong understanding of Directories, SSO, Federation, Delegated administration, and API gateways.
• Ability to work collaboratively with internal stakeholders across the organization.
• Strong analytical skills and attention to detail
• Strong understanding of network, application, and other technical security controls
• Professional certification such as CISSP or CISM is a plus
• Information Security Certification or Accreditation an asset.
• Proficiency in directory services, such as Microsoft Active Directory (AD) or LDAP (Lightweight Directory Access Protocol), is required. Knowledge of directory structure, user provisioning, group management, and authentication mechanisms within these systems is essential.
• Knowledge of industry standards such as ISO 27001, NIST Cybersecurity Framework, and CIS
• Understanding of information security principles, including confidentiality, integrity, and availability, and familiarity with cybersecurity frameworks such as NIST Cybersecurity Framework.
• Strong knowledge of incident response processes and procedures.
  
  

All internal applications must be submitted and approved in Workday by May 26, 2023.

This role will be a Hybrid working model, which will require 3 days per week in the Four Seasons Corporate Office located at 1165 Leslie Street, Toronto, Ontario #LI-Hybrid Four Seasons is committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act. If contacted for an employment opportunity, please advise Human Resources if you require accommodation.