*Hello ,* *Hope you are doing great!*
*Please find the Urgent Requirement. Kindly share the matching profiles with me.* *Job Title : * *IAM/**IDM Solutions Architect* *Position : 1* *Location : Rosemont, IL* *Duration : 6 Months* *Interview **: Face to Face* *Note : Need Local Consultant Only. * *Description:* *This is for Burwood Group (consulting firm) for their client, Reyes Holdings. I have a consultant on project there now and he needs help with* *IAM / IDM practices… solution recommendations, design, policy, etc.. It’s an Active Directory environment.* *Experience with solutions architecture in regards to IDM / IAM solutions (Identity Management / Identity Access Management) and Active* *Directory design is mandatory. H1B visa candidates are okay, but great communication skills is mandatory. * *Project Scope:* In the interest of isolating access rights to avoid data exposure (see ransomware) and to prevent undue data/document access, an Identity Access Management infrastructure and policy needs to be developed and implemented. *Architectural review:* · AD design Review · IDM Solution review and recommendations · IDM Design · IDM Policy and solution implementation *This includes:* · Review and update the term and creation process to stop the hemorrhaging. o If there no security group, create one and the appropriate permissions – need a naming standard and policy limitations around the permissions o Don’t add a user to a role, add a group, if the group doesn’t exist, create one – need guidelines around this. · Removing domain admin access from ALL service accounts · Restricting domain admin access to fewer than 10 individuals · Mandating that all administrative login and actions are initiated and executed with a personal (non-anonymous) account o Communicate to all affected admins · Mandating that all new access CANNOT be cloned o Change IT request form o Communicate to ITSC · Reviewing existing access and permissions o All access should be centralized (some access is defined on the application) · Develop roles/group membership based on that access · Interview all department heads to confirm roles · Test access with select individuals for each of the roles · Roll out to the rest of the company · Remediate issues - modify roles as appropriate · Provide exceptions - where needed · Lock down the roles · Establish EPMO framework mandating that all new apps need to be integrated with AD/LDAP with permissions defined in AD *Create policies, process and procedures around:* · Maintaining the roles · Maintaining the access control framework · When and how to modify the roles · Access exception policy and procedure · Create a new standard and corresponding policies for MACD user accounts o Establish a codified process for ITSC and HR around MACD o Instruct the ITSC on the new policy · Prohibiting Cloning. *Thanks,* *Jason* *Sr.Technical Recruiter* *TEKTREE LLC* *Work* : (734) 661-7969 <%28734%29%20661-7969> *Fax* : (302) 397-2097 *Email * : *[email protected] <[email protected]> **Website*: www.tektreeinc.com -- You received this message because you are subscribed to the Google Groups "SAP Resource Center" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/sap-resource-center. For more options, visit https://groups.google.com/d/optout.
