+ Reply to Thread
Results 1 to 7 of 7

Thread: Thoughts on IAM

  1. Member
    Join Date
    Apr 2014
    Location
    New York, NY
    Posts
    30
    #1

    Default Thoughts on IAM

    What are every ones role on IAM roles? Where does one to begin to have a career in IAM? Any certs? Can one make a career out of it or will it die down eventually?
    Reply With Quote Quote  

  2. SS
  3. Little Teapot LeBroke's Avatar
    Join Date
    Jul 2014
    Location
    Vancouver
    Posts
    472

    Certifications
    RHCSA
    #2
    Personally, I'm in the DevOps IAM group, which allows me to assume Administrator roles in all of our company's AWS accounts via their ARN.

    But I feel like we're talking about different things here.
    Reply With Quote Quote  

  4. They are watching you NetworkNewb's Avatar
    Join Date
    Feb 2015
    Location
    Off the grid
    Posts
    2,987

    Certifications
    A+/Net+/Sec+, CCENT, CCNA:Sec, CCSK, GCIH
    #3
    I don't know of certs in particular but I know I deal ALOT with it. More than I would like! My manager and I are working on a plan to implement a whole new IAM solution and how everything is setup at my company. Zero chance it will die down IMO. And yes I know a handful places that have engineers and analyst who solely deal with IAM. Smaller companies wouldn't need people whose role is to deal with it by itself. But larger ones do.

    Knowing how identities are connected and setup to different things like AD, Cloud apps, on-prem apps are key so you could focus on certifications that cover things like those technologies. For example I'm thinking of going to go after CCSP and MCSA 365 next year so I know how to best handle identities in those areas.
    Reply With Quote Quote  

  5. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,670

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security, MSISA, BSBA
    #4
    IAM is easy work. Generally it is a subset of security, although some companies keep it separate from security. I did it for 6 years at a major bank. It was pretty repetitive and metric based where I was at. As far as its future, I know when I worked at the bank they were automating the IAM processes more and more. It's definitely one of the areas of IT that lends itself well to automation, that's for sure.
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: eJPT, Learning: Linux/CLI, Git, Python, Pentesting
    Next Up:​ eJPT, eCPPTv2, OSCP
    Studying:​ Code Academy (CLI, Git, Python), eLearnSecurity PTSv3
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Oct 2007
    Location
    Austin, TX
    Posts
    510

    Certifications
    A+, Network+, MCP, CCNA, CCNA:Voice, CCDA, CCDP, CCNP R/S, JNCIA, JNCIS
    #5
    I always thought of IAM as just a part of a security engineers toolset. Rather than their sole focus, but it seems like for bigger Fortune 500 companies there are roles just for IAM.
    My Cisco Blog Adventure: http://shawnmoorecisco.blogspot.com/

    Don't Forget to Add me on LinkedIn!
    https://www.linkedin.com/in/shawnrmoore
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    May 2006
    Posts
    2,159

    Certifications
    CISSP, CCSP, CCNA Cyber Ops, eJPT, ITIL,PA ACE,Qualys Certified Specialist, A+
    #6
    As someone that has worked in the IAM field for close to 5 years and have implemented 2 IAM solutions from the architecture phase to production deployment and also currently working on another similiar project I can tell you its not easy work.

    There are a lot of things that are involved and you need the right people to back you up. Automation is great but it doesn't make the job or IAM tasks obsolete, you just need to have a different set of skills now in order to be efficient.

    If you were doing various IAM tasks with excel and Vlookups now you need to understand SQL databases or various automation workflows. The role didn't change, the skills you used has changed.

    There is a big value to someone with IAM experience in the right company. My company even has someone with the title of Director of IAM.
    Reply With Quote Quote  

  8. Senior Member Chivalry1's Avatar
    Join Date
    Mar 2005
    Location
    127.0.0.1
    Posts
    563

    Certifications
    CISSP, CCSP, CICSP, MCSE, C|EH, MCSA, MCITP: EMA 2K7/2010, MCTS:Exchange 2K7/2010, Sec+, Net+, CCA-XENAPP, ITIL-V3, MCDST, MOS
    #7
    For a corporate sized organization, IAM is a fairly large/complex area and is typically apart of the InfoSec departments. Job searches on Indeed.com for IAM roles are typically InfoSec position . Certification often requested are CISSP/CCSP/CISA. Most won't consider IAM as easy work and is quite challenging and in-depth. This includes areas & responsibilities of Privileges Access Management (PAM), Privileged Identity Management (PIM), Identity Protection (IP), Single Sign-On (SSO), Multi-Factor Authentication (MFA). If you company is moving into the cloud space (Azure or Amazon) then dedicated IAM resources should be critical.

    Gartner host an outstanding IAM summit every year and the depth of knowledge is tremendous. Identity Access Management is only going to grow since it aligns so closely with IT security programs. IAM definitely has much value of in the IT market space.
    "The recipe for perpetual ignorance is: be satisfied with your opinions and
    content with your knowledge. " Elbert Hubbard (1856 - 1915)
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks