Digital Workplace & Identity Architect

Pioneering trusted medical solutions to improve the lives we touch: Convatec is a global medical products and technologies company focused on solutions for the management of chronic conditions with leading positions in advanced wound care ostomy care continence care and infusion care. With around 10000 colleagues we provide our products and services in almost 100 countries united by a promise to be forever caring. Our solutions provide a range of benefits from infection prevention and protection of at-risk skin to improved patient outcomes and reduced care costs. Convatecs revenues in 2023 were over $2 billion. The company is a constituent of the FTSE 100 Index (LSE:CTEC). To learn more about Convatec please visit

Introduction

Convatec is exploring the need for adding an Architect in the existing Architecture team who would focus on providing strength and skills in Digital Work place and Identity management

The architecture would support projects and initiatives

Act as an bridge between Solution Architecture Platform Architecture IT Delivery (Engineering) and IT Operations

Technical Skills:

1. Identity and Access Management (IAM)

Understanding IAM Principles: Knowledge of fundamental IAM concepts such as authentication authorization user provisioning and de-provisioning is crucial.

Implementation of IAM Solutions: Proficiency in implementing IAM solutions using tools like Okta Microsoft Azure AD Azure B2C and SailPoint.

Implementation of Privilege Access Management Solutions: Proficiency in implementing PAM solutions using tools like Okta Microsoft Azure AD Delinea Salesforce or Omada

2. Directory Services

Expertise in Directory Services: Experience with directory services like Active Directory Active Directory Federation Services Entra AD Azure B2C and LDAP including their integration and management.

Schema Management: Ability to design and manage directory schema to support business requirements.

Role Based Access: Knowledge of fundamental Role Based Access concepts and best practices is crucial.

3. Security Protocols and Standards

Familiarity with Security Protocols: Knowledge of protocols like SAML OAuth OpenID Connect LDAP DMARC DKIM SPF and RADIUS is essential for securing communications.

Private Key Infrastructure: Knowledge of Microsoft PKI services both on premise and on Azure Cloud.

Compliance and Standards: Understanding of industry standards and compliance requirements such as GDPR HIPAA and NIST.

5. Messaging and Collaboration

MS Exchange: Proficiency in Microsoft Exchange and Exchange online on hybrid environments.

Transactional email: Knowledge of transactional email concepts and platforms like Postfix Postmark and Mailchimp.

Teams Voice and Collaboration: Knowledge of Office 365 services such as Copilot SharePoint OneDrive Teams services and endpoint devices Teams voice services protocols and hybrid infrastructure architecture.

6. Software Deployment and Patching

Knowledge of MECM: Proficiency in SCCM and Intune service deployments and integrations such as Patch My PC.

Mobile Device Management: Knowledge mobile device management tools such as Microsoft Intune Apple Business Manager or MaaS360.

7. Software Development and Scripting

Programming Languages: Proficiency in languages such as Java Python and C# for developing customized identity solutions.

Scripting Skills: Knowledge of scripting for automation and integration using tools like PowerShell and Batch.

8. Digital Workplace Skills

• Design and develop comprehensive digital workplace architectures that align with the organizations strategic goals and objectives.
• Lead the evaluation selection and implementation of digital workplace tools including collaboration platforms communication tools and productivity applications.
• Assist in planning Mergers and Acquisitions.
• Enterprise Mobility: Knowledge of mobile device management (MDM) and enterprise mobility management (EMM) solutions.
• Networking: Understanding of network architecture including VPNs firewalls SIP and LAN/WAN configurations.
• Cybersecurity: Familiarity with cybersecurity principles and tools such as endpoint security identity and access management (IAM) privilege access management and data protection.
• Virtualization and VDI: Experience with virtualization technologies and virtual desktop infrastructure (VDI) solutions such as Azure Virtual Desktop AWS Workspaces VMware and Citrix.
• Automation and Scripting: Ability to write scripts and automate tasks using PowerShell Python or similar languages.
• Integration: Knowledge of API integration and development ensuring different systems can communicate and work together effectively.
• Software Development: Basic understanding of software development processes and methodologies.

Analytical Skills

1. Problem-Solving and Troubleshooting

Analytical Thinking: Ability to analyse complex problems related to identity and access management and develop effective solutions.

Root Cause Analysis: Proficiency in identifying the root causes of issues and implementing corrective measures.

2. Risk Assessment

Risk Analysis: Evaluating potential risks to identity systems and developing strategies to mitigate these risks.

Security Audits: Conducting regular audits to ensure compliance with security policies and standards.

3. Project Management

Project Planning: Ability to plan and manage IAM projects ensuring they are completed on time and within budget.

Team Coordination: Coordinating with cross-functional teams to achieve project goals and objectives.

Soft Skills

1. Communication

Effective Communication: Ability to communicate complex technical concepts to non-technical stakeholders.

Documentation Skills: Proficiency in creating clear and concise documentation for identity systems and processes.

2. Collaboration

Team Collaboration: Working effectively with other IT professionals including network engineers security analysts and software developers.

Stakeholder Engagement: Engaging with stakeholders to understand their requirements and ensure their needs are met.

3. Adaptability

Learning Agility: Ability to quickly learn and adapt to new technologies and industry trends.

Flexibility: Being flexible and open to change in a dynamic and fast-paced environment.

Emerging Skills

1. Cloud Identity Management

2. Artificial Intelligence and Machine Learning

AI Integration: Leveraging AI and machine learning to enhance identity verification and fraud detection.

Behavioural Analytics: Using behavioural analytics to identify and respond to unusual access patterns.

3. Zero Trust Architecture

Zero Trust Principles: Implementing Zero Trust principles to ensure secure access to resources regardless of the location of the user.

Micro-Segmentation: Dividing networks into micro-segments to limit the lateral movement of threats.

#LI-Hybrid

#LI-AR2

Beware of scams online or from individuals claiming to represent Convatec

A formal recruitment process is required for all our opportunities prior to any offer of employment. This will include an interview confirmed by an official Convatec email address.

If you receive a suspicious approach over social media text message email or phone call about recruitment at Convatec do not disclose any personal information or pay any fees whatsoever. If youre unsure please contact us at .

Equal opportunities

Convatec provides equal employment opportunities for all current employees and applicants for employment. This policy means that no one will be discriminated against because of race religion creed color national origin nationality citizenship ancestry sex age marital status physical or mental disability affectional or sexual orientation gender identity military or veteran status genetic predisposing characteristics or any other basis prohibited by law.

Notice to Agency and Search Firm Representatives

Convatec is not accepting unsolicited resumes from agencies and/or search firms for this job posting. Resumes submitted to any Convatec employee by a third party agency and/or search firm without a valid written and signed search agreement will become the sole property of Convatec. No fee will be paid if a candidate is hired for this position as a result of an unsolicited agency or search firm referral. Thank you.

Already a Convatec employee

If you are an active employee at Convatec please do not apply here. Go to the Career Worklet on your Workday home page and View Convatec Internal Career Site - Find Jobs. Thank you!