Our client, a leading HK-based IT solutions provider, is actively seeking a highly experienced and detail-oriented IAM professional to help establish and expand their CyberSecurity team, with a particular focus on Identity and Access Management (IAM) operations.
The ideal candidate will possess proven expertise and deep knowledge in Privileged Access Management, access recertification, and access controls across various platforms. Proficiency with tools such as CyberArk and HashiCorp Vault is highly desirable. This role requires strong stakeholder engagement, project leadership, and a strategic mindset toward security governance.
Responsibilities of the Role:
- Manage end-to-end IAM operations, including onboarding/offboarding, access provisioning, and regular access reviews.
- Administer and continuously enhance Privileged Access Management (PAM) solutions, primarily CyberArk.
- Develop and enforce access control policies across Linux, Windows (Active Directory), databases, and enterprise applications.
- Lead IAM projects from planning to execution, ensuring alignment with business goals and security standards.
- Collaborate with cross-functional teams to integrate IAM best practices into broader IT and security strategies.
- Conduct audits and compliance reviews to ensure adherence to internal policies and relevant regulations.
- Maintain detailed documentation of IAM processes, configurations, and standards.
- Mentor junior team members and promote a culture of ongoing improvement.
- Keep abreast of emerging IAM technologies, trends, and regulatory changes.
Required Skills for the Role:
- Bachelor's degree in Information Technology or a related field.
- Minimum of 10 years' experience in IAM operations.
- Extensive hands-on experience with CyberArk administration and PAM best practices.
- Experience with HashiCorp Vault is a plus.
- Solid understanding of access controls for operating systems, databases, and enterprise platforms.
- Familiarity with security frameworks and compliance standards such as ISO 27001 and NIST.
- Strong project management skills and stakeholder engagement capabilities.
- Excellent analytical, problem-solving, and communication skills in both English and Cantonese.
- Ability to thrive in a fast-paced, dynamic environment.
- Self-motivated with the ability to work independently.
- Relevant certifications such as CISSP, CISM, or CyberArk Defender/Sentry are advantageous.
