Job title: Identity Trust Expert

• Location (Mexico, Bridgewater, Boston, or France)
• 50% Remote working and 10% of travel expected
• Job type: Permanent Full time

About the job

Our Team:

Are you passionate about the intricate dance of digital identities and the symphony of privileges and access controls? Do you thrive in the dynamic world of directories (Active Directory, Azure AD) where each configuration tweak orchestrates a seamless user experience? If so, we have the perfect stage for your talents.

Part of the Global Cyber Security team within the Digital organization, you will be a maestro of our identity and access management band. Your role will be to own and conduct the harmonious integration of a new privilege management solution. From composing elegant access controls to fine-tuning troubleshooting and deviation remediations, you will steer the ensemble towards a crescendo of security, compliance, and trust.

So, if you're based in Mexico, Bridgewater, Boston or France and ready to take the stage and showcase your chops, join us as we compose the future of IAM where your expertise will be instrumental in the genesis of our digital identity masterpiece.

Main responsibilities:

• Deploy, manage, govern, and define the strategy for privilege elevation solution on endpoints, ensuring secure access to resources while minimizing the risk of privilege abuse.
• Service owner of privilege elevation solution, management of stakeholder’s network, and follow-up on related SLAs.
• Continuously improve monitoring capabilities around least privilege rules, delegation management, third party authentication, privilege escalation risks. Further expand the deviation types to be monitored and remediation means (Tools, scripts, GPOs…).
• Ensure privilege elevation IT solution is well integrated in our Ecosystem going along with identity management platforms such as Bastion and Identity provisioning & Access lifecycle.
• Technically support the Cybersecurity toolset regarding systems Access Management services.
• Developing, maintaining, monitoring security KPIs and dashboards to manage security risks, track deviations and produce appropriate remediation and improvement plans.
• Ensuring a coherent and harmonized definition and adoption of security processes and solutions within the organization throughout their life cycles.
• Contributing to the crisis management process development.
• Ensuring the cyber compliance of Sanofi and its partners through preventive and corrective actions. Lead, contribute or manage the investigation of deviations, definition of the remediation plans and operational implementation.
• Conducting technical audits and contributing to internal audits. Defining, coordinating, and performing sanitation actions.
• Contributing to global projects (Cyber, Infrastructures, Business) around security breaches anticipation and remediations, mergers and acquisitions, Azure AD entitlement management, major developments around security technologies and solutions.
• Contributing to the definition of the overall strategy for Sanofi’s digital infrastructures and services, ensuring that the security risks and directives are included in the roadmaps.
• Develop and maintain documentation, standards, and best practices for privilege management on systems, fostering a culture of continuous improvement and proactive risk management.
• Stay current with industry trends, emerging technologies, and best practices in identity and access management to enhance cybersecurity resilience.

About you

Minimum Qualifications:

• Bachelor’s degree in Cyber Security or Computer Science or relevant verifiable work experience.
• 3 years of technical experience around Privileges/Access/Identity and Active Directory management in a large corporation with multiple lines of business and ideally a Cyber Security culture.
• Proficiency in Windows and Linux OS, especially on administration and security, access right management and understanding of vulnerabilities and attack techniques.
• Ability to address all security topics on a global scale. Performing in an international, intercultural and transversal environment.
• Ability to understand business needs and translate them into technical solutions.
• Familiar with all security aspects of IS and technologies (Governance, policies, processes, technologies, tools and indicators).
• Leadership and communication skills to convince and liaise with the various stakeholders, within and beyond the Digital organization.
• Strong interpersonal skills to foster and maintain collaborations, promote the subject of Cyber Security at all levels of the organization.
• Good English skills.

Desired qualifications:

• Open minded to adjust and adopt any evolution coming from new market trends and company strategy changes. Candidates must therefore have a high capacity for adaptation and learning.
• Embody Cybersecurity mindset as enablers and facilitators versus blockers.
• A solid operational experience in accounts, privileges, authentication management across multiple platforms and solutions.
• In-depth knowledge of architecture design, security best practices, processes, tools around Privileges/Access and Active Directory management.
• Experience in scripting and programing language such as PowerShell, Python, SQL and automation of privilege management tasks
• Experience with identity and access management concepts, including role-based access control (RBAC), single sign-on (SSO), just in time (JIT), and multi-factor authentication (MFA).
• Willing to expand his scope to tackle the Privileges/Access & Directories scope at broader level.
• Excellent problem-solving skills and attention to detail.
• Be able to drive investigations on anomalies and propose technical solutions to remediate (scripting/automation, process creation and improvement).
• High level of autonomy, strength of proposal and rigor to deal with and bring matters to fruition.
• Ability to respect commitments, deliver concrete results, handle multiple priorities, increase value delivery by developing and continuously improving security processes and solutions.
• Experience in transversal management.
• Relevant certifications such as Microsoft Active Directory, CISSP, or equivalent are a plus.

Pursue progress, discover extraordinary

Better is out there. Better medications, better outcomes, better science. But progress doesn’t happen without people – people from different backgrounds, in different locations, doing different roles, all united by one thing: a desire to make miracles happen. So, let’s be those people.

At Sanofi, we provide equal opportunities to all regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, or gender identity.

Watch our ALL IN video and check out our Diversity Equity and Inclusion actions at sanofi.com!