Free Architect Identity And Access Management Course (6Months)
Architect Identity And Access Management:
Brief Job Description: This job role is responsible for designing, developing and providing identity and access management solutions. The main duties consist of identifying business requirements with respect to identity and access management and then designing, researching, recommending, developing and overseeing implementation of identity and access management solution to meet business requirements.
Personal Attributes: This job may require the individual to work independently and take decisions for his/her own area of work. The individual should be result oriented and have a high attention for detail as well as ability to understand the big picture with strong analytical and problem solving abilities. The individual should also be able to demonstrate communication skills, logical thinking, ability to understand and align to business context.
Research and recommend options for identity and access management
solutions to meet the identified security objectives:
Performance Criteria
PC1. confirm that you have complete and accurate details of and understand the security objectives
PC2. review the usage of existing IDAM technologies and protocols and Logical Physical Access to assess risks w.r.t Business and security objectives
PC3. consult with engineering teams in the areas of authentication and authorization mechanism for its usage in channels such as web, mobile, applications
PC4. conduct technical risk analysis, threat identification of the existing IDAM solution
PC5. identify level of risk acceptable for business requirements by discussing with business and technical leads
PC6. research relevant information required to meet the security objectives based on the evaluation of assets, threats, vulnerabilities and security risks
PC7. identify and record details of constraints that may have an impact on the business and security options
PC8. maintain the security and confidentiality of information relating to the security objectives
PC9. gather sufficient accurate information on which to determine potential costs, benefits and effectiveness of recommended security solutions
PC10. identify and determine the cost, potential benefits, and effectiveness of recommended security solutions, based on valid assumptions, considerations and information, including possible constraints
PC11. prepare recommendations that have the potential to meet the security objectives of the organisation
PC12. provide details of costs, benefits, effectiveness, limitations and constraints of recommendations
PC13. provide recommendations of security solutions in an agreed format to the responsible person within agreed timescales
PC14. provide the organisation with considered advice on the implications of accepting, modifying or rejecting security recommendations
PC15. take account of the organisation’s values, culture and nature of business
PC16. maintain the security and confidentiality of information relating to your organisation and recommendations
PC17. obtain necessary approvals from the responsible persons as per organisational policy
Organizational
Context
KA1. your organization’s policies, procedures, standards and guidelines for managing information security
KA2. your organization’s knowledge base and how to access and update this
KA3. limits of your role and responsibilities and who to seek guidance from
KA4. the organizational systems, procedures and tasks/checklists within the domain and how to use these
KA5. how to engage with both internal and external clients understanding requirements
KA6. service request procedures, tools, and techniques
KA7. the operating procedures that are applicable to the system(s) being used
KA8. standard tools and templates available and how to use these
Technical
Knowledge
KB1. cyber security concepts
KB2. relevant IdAM technologies and Protocols
KB3. information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption) Information Systems/Network Security
KB4. local area network (LAN) and wide area network (WAN) principles and concepts, including bandwidth management
KB5. infrastructure Design
KB6. the enterprise information technology (IT) architecture
KB7. service-oriented architecture (SOA)
KB1. architecture and solution design for High available and distributed systems
KB2. Virtual Private Network (VPN) security Encryption
KB3. extension points of the products (for customization and integration with other applications)
KB4. Secure integration approach with different third party systems
KB5. Privileged identity Management
KB6. authorization delegation and Federation protocols and Solutions
KB7. delegated administration and provisioning
KB8. ID as a Service
KB9. HR systems
KB10. measures or indicators of system performance and availability Information Technology Performance Assessment
KB11. Best practices for IAM implementation
KB12. new technological developments in identity and access management
KB13. server administration and systems engineering theories, concepts, and methods Systems Life Cycle
KB14. Segregation of Duties (SoD) configuration
KB15. network access, identity, and access management (e.g., public key infrastructure [PKI])
KB16. scripting knowledge
KB17. migration of systems and users
KB18. the basic functionalities of the applications, hardware and/or access rights that are used by the customers
Generic Skills
Writing Skills
You need to know and understand how to:
SA1. complete accurate well written work with attention to detail
SA2. document call logs, reports, task lists, and schedules with co-workers
SA3. prepare status and progress reports
SA4. write memos and e-mail to customers, co-workers, and vendors to provide them with work updates and to request appropriate information without English language errors regarding grammar or sentence construct and following professional etiquettes
Reading Skills
You need to know and understand how to:
SA5. read about new products and services with reference to the organization and also from external forums such as websites and blogs
SA6. keep abreast with the latest knowledge by reading brochures, pamphlets, and product information sheets
SA7. read comments, suggestions, and responses to Frequently Asked Questions (FAQs) posted on the helpdesk portal
SA8. read policy manual, standard operating procedures and service level agreements relevant to work area
SA9. read emails received from own team, across team and external vendors and clients
Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA10. discuss task lists, schedules, and work-loads with co-workers
SA11. give clear instructions to specialists/vendors/users/clients as required
SA12. keep stakeholders informed about progress
SA13. avoid using jargon, slang or acronyms when communicating with a customer, unless it is required
SA14. receive and make phone calls, including call forward, call hold, and call mute
Decision Making
You need to know and understand how to:
SB1. follow rule-based decision-making processes
SB2. make a decision on a suitable course of action
Plan and Organize
You need to know and understand how to:
SB3. plan and organize your work to achieve targets and deadlines
Customer Centricity
You need to know and understand how to:
SB4. Identify internal or external customer requirement and priorities clearly with respect to work at hand
SB5. carry out rule-based transactions in line with customer-specific guidelines, procedures, rules and service level agreements
SB6. check that your own and/or your peers work meets customer requirements
Problem Solving
You need to know and understand how to:
SB7. apply problem-solving approaches in different situations
SB8. seek clarification on problems from others
Analytical Thinking
You need to know and understand how to:
SB9. analyze data and activities
SB10. configure data and disseminate relevant information to others
SB11. pass on relevant information to others
Critical Thinking
You need to know and understand how to:
SB12. provide opinions on work in a detailed and constructive way
SB13. apply balanced judgments to different situations
Attention to Detail
You need to know and understand how to:
SB14. check your work is complete and free from errors
Team Working
You need to know and understand how to:
SB15. work effectively in a team environment
SB16. work independently and collaboratively
Technical Skills
You need to know and understand how to:
SC1. create and maintain roadmaps for a technology or service
SC2. read and write coded scripts and modify and debug programs
SC3. work on various operating systems
SC4. work with word processors, spreadsheets and presentations
SC5. perform basic penetration testing and ethical hacking
Design and develop solutions for identity management to meet the security
objectives:
Performance Criteria
PC1. receive specifications of requirements and security objectives from authorized source
PC2. use an IDAM security product to design and deploy end to end identity and access management
PC3. design and deliver a cohesive blueprint for delivery of Identity & Access services to include technology options
PC4. design the user access control and privilege framework
PC5. design and develop group policies and access control lists to ensure compatibility with organizational standards, business rules, and needs
PC6. build strategies to advance to more effective protocols and sunset ineffective protocols
PC7. develop local network usage policies and procedures
PC8. use access management technologies, methodologies and role-based and security-based entitlements models to develop effective IDAM solutions
PC9. write applications as per designed identity and access management solution
PC10. write programs in CC++ or .net tool for designed identity and access management solution
PC11. ensure secure integration approach with different third party systems
PC12. ensure identification and remediation of control weaknesses; using existing methodologies
PC13. develop fixes, patches, & recovery procedures in the event of a security breach
PC14. liaise with delivery/deployment teams to ensure IAM requirements are included in all application delivery projects
PC15. conduct security assessments of authentication applications such as secure code reviews, application penetration testing & threat modeling/architectural risk analysis
PC16. ensure technology risk considerations are identified and adequately addressed for new application developments, integration and deployment
PC17. comply with relevant legislation, standards, policies and procedures
Organizational
Context
KA1. your organization’s policies, procedures, standards, guidelines and service level agreements for responding to information security incidents
KA2. the day-to-day operations, procedures and tasks relating to your area of work your organization’s knowledge base and how to access and update this
KA3. organization’s knowledge base and how to access and update this
KA4. limits of your role and responsibilities and who to seek guidance from
KA5. the organizational systems, procedures and tasks/checklists within the domain and how to use these
KA6. how to engage with both internal and external specialists for support in order to resolve incidents and service requests
KA7. HR systems
KA8. the operating procedures that are applicable to the system(s) being used
KA9. computer network defense (CND) policies, procedures, and regulations
KA10. standard tools and templates available and how to use these
Technical
Knowledge
You need to know and understand:
KB1. basic cyber security concepts
KB2. relevant networking concepts, devices and terminologies
KB3. information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption) Information Systems/Network Security
KB4. the range of tools, software and techniques that are used for identity and access management and how to apply them
KB5. end-to-end user lifecycle management
KB6. role-based and security-based entitlements models
KB7. user account provisioning and workflow processes
KB8. infrastructure Design
KB9. the enterprise information technology (IT) architecture
KB10. Virtual Private Network (VPN) security Encryption
KB11. extension points of the products (for customization and integration with other applications)
KB12. architecture and solution design for High available and distributed systems
KB13. secure integration approach with different third party systems
KB14. federated solutions
KB15. privileged identity management
KB16. authorization delegation and Federation protocols
KB17. ID as a Service
KB18. best practices for IAM implementation
KB19. measures or indicators of system performance and availability Information Technology Performance Assessment
KB20. Infrastructure Design
KB21. IDAM tools, technologies and applications
KB22. new technological developments in identity and access management
KB23. server administration and systems engineering theories, concepts, and methods Systems Life Cycle
KB24. Segregation of Duties (SoD) configuration
KB25. scripting knowledge
KB26. migration of systems and users
KB27. the basic functionalities of the applications, hardware and/or access rights that are used by the customers
KB23. server administration and systems engineering theories, concepts, and methods Systems Life Cycle
KB24. Segregation of Duties (SoD) configuration
KB25. scripting knowledge
KB26. migration of systems and users
KB27. the basic functionalities of the applications, hardware and/or access rights that are used by the customers
Writing Skills
The user/ individual on the job needs to know and understand how to:
SA1. document call logs, reports, task lists, and schedules with co-workers
SA2. prepare status and progress reports
SA3. log calls and raise tickets in the SIEM tool, providing proper indicators and descriptions as required
SA4. write memos and e-mail to customers, co-workers, and vendors to provide them with work updates and to request appropriate information without English language errors regarding grammar or sentence construct and following professional etiquettes
Reading Skills
The user/individual on the job needs to know and understand how to:
SA5. read about new products and services with reference to the organization and also from external forums such as websites and blogs
SA6. keep abreast with the latest knowledge by reading brochures, pamphlets, and product information sheets
SA7. read comments, suggestions, and responses to Frequently Asked Questions (FAQs) posted on the helpdesk portal
SA8. read policy manual, standard operating procedures and service level agreements relevant to work area
SA9. read emails received from own team, across team and external vendors and clients
Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA10. listen effectively and orally communicate information accurately
SA11. ask for clarification and advice from others
Professional Skills
Decision Making
You need to know and understand how to:
SB1. follow rule-based decision-making processes
SB2. make a decision on a suitable course of action
Plan and Organize
You need to know and understand how to:
SB3. plan and organize your work to achieve targets and deadlines
Customer Centricity
You need to know and understand how to:
SB4. build and maintain positive and effective relationships with customers
SB5. check that your own work meets customer requirements
Problem Solving
You need to know and understand how to:
SB6. apply problem solving approaches in different situations
SB7. seek clarification on problems from others
SB8. refer anomalies to the line manager
Analytical Thinking
You need to know and understand how to:
SB9. analyze data and activities
SB10. configure data and disseminate relevant information to others
SB11. pass on relevant information to others
Critical Thinking
You need to know and understand how to:
SB12. provide opinions on work in a detailed and constructive way
SB13. apply balanced judgments to different situations
Attention to Detail
You need to know and understand how to:
SB14. apply good attention to details
SB15. check your work is complete and free from errors
Team Working
You need to know and understand how to:
SB16. work effectively in a team environment
SB17. contribute to the quality of team working
SB18. work independently and collaboratively
Technical Skills
You need to know and understand how to:
SC1. create and maintain roadmaps for a technology or service
SC2. translate security policies, requirements, risks, and audit comments into solutions
SC3. read and write coded scripts and modify and debug programs
SC4. work on various operating systems
Ensure implementation of identity and access management solution follows architectural design:
Performance Criteria
PC1. clarify architectural design to the implementation team
PC2. Provide inputs for implementation strategies and plan to the implementation team(s)
PC3. Perform comparative analysis and evaluation of the implemented solutions against architectural design
PC4. Derive relevant features of the solutions for the desired requirements s per architectural design
PC5. Test or pilot market/in house solutions for their fitment
PC6. Suggest integration and interfaces for market/in-house solutions with other security solutions like SIEM or external solutions
PC7. Resolve queries for the implementation and administration team with respect to overall Identity and access management architectural design
PC8. Review the implementation steps and their outcome to ensure that they satisfy architectural objectives and adhere to design
PC9. Assess how implementation satisfies compliance requirements
Organizational
Context
You need to know and understand:
KA1. relevant legislation, standards, policies, and procedures followed in the company
KA2. organization’s knowledge base and how to access and update this
KA3. limits of your role and responsibilities and who to seek guidance from
KA4. the organizational systems, procedures and tasks/checklists within the domain and how to use these
KA5. Organizational hierarchy and management structure
KA6. HR systems
KA7. how to engage with both internal and external specialists for support in order to resolve incidents and service requests
KA9. service request procedures, tools, and techniques the operating procedures that are applicable to the system(s) being used
KA10. typical response times and service times related to own work area
KA11. standard tools and templates available and how to use these
KA12. computer network defense (CND) policies, procedures, and regulations
Technical
Knowledge
You need to know and understand:
KB1. Basic cyber security concepts
KB2. explain how hardware and software vulnerabilities can be identified and resolved
KB3. what is meant by identity and access management and how to implement it
KB4. the organizational structure and management processes for identities of employees, contractors, customers and other constituents
KB5. the organizational polices and standards that are used for identity and access management and how to apply them
KB6. the main features of an identity and access management system that facilitates the management of electronic identities and access privileges
KB7. range of Tools, technologies, techniques and protocols relevant to identity and access management and how to apply them
KB8. end-to-end user lifecycle management
KB9. user account provisioning and workflow processes
KB10. processes for authentication and entitlement to access different systems and data across an organization
KB11. processes for database access to specific datasets and data security and privacy concerns
KB12. interpretation of IdAM policy with respect to management of electronic identities and access privileges
KB13. the underlying database structure that is used in information systems access privileges is in order to successfully manage identities and access.
KB14. what the organizational security architecture is and how to apply this
KB15. the need to ensure that identity and access management operations align to changing business needs
KB16. the need to modify access controls in line with employees changing responsibilities, including removal of access when no longer required
KB17. the importance of monitoring access controls in relation to regulatory compliance for sensitive data
KB18. how to identify possible future requirements for the identity and access
KB19. the basic functionalities of the applications, hardware and/or access rights that are used by the customers
KB20. various aspects of Active Directory, Exchange, file share, SharePoint, custom applications, and remote access issues
KB21. federated solutions and privileged identity management
KB22. best practices for IAM implementation
KB23. Information Security concepts, policies, and procedures
Writing Skills
You need to know and understand how to:
SA1. complete accurate well written work with attention to detail
SA2. document call logs, reports, task lists, and schedules with co-workers
SA3. prepare status and progress reports
SA4. log calls and raise tickets in the SIEM tool, providing proper indicators and descriptions as required
SA5. write memos and e-mail to customers, co-workers, and vendors to provide them with work updates and to request appropriate information without English language errors regarding grammar or sentence construct and following professional etiquettes
Reading Skills
You need to know and understand how to: read about new products and services with reference to the organization and also from external forums such as websites and blogs
SA7. keep abreast with the latest knowledge by reading brochures, pamphlets, and product information sheets
SA8. read comments, suggestions, and responses to Frequently Asked Questions (FAQs) posted on the helpdesk portal
SA9. read policy manual, standard operating procedures and service level agreements relevant to work area
SA10. read emails received from own team, across team and external vendors and clients
Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA11. discuss task lists, schedules, and work-loads with co-workers
SA12. give clear instructions to specialists/vendors/users/clients as required
SA13. keep stakeholders informed about progress
SA14. avoid using jargon, slang or acronyms when communicating with a customer, unless it is required
SA15. receive and make phone calls, including call forward, call hold, and call mute
Professional Skills
Decision Making
You need to know and understand how to:
SB1. follow rule-based decision-making processes
SB2. make a decision on a suitable course of action
Plan and Organize
You need to know and understand how to:
SB3. plan and organize your work to achieve targets and deadlines
Customer Centricity
You need to know and understand how to:
SB4. Identify internal or external customer requirement and priorities clearly with respect to work at hand
SB5. carry out rule-based transactions in line with customer-specific guidelines, procedures, rules and service level agreements
SB6. check that your own and/or your peers work meets customer requirements
Problem Solving
You need to know and understand how to:
SB7. apply problem-solving approaches in different situations
SB8. seek clarification on problems from others
Analytical Thinking
You need to know and understand how to:SB9. analyze data and activities
SB10. configure data and disseminate relevant information to others
SB11. pass on relevant information to others
Critical Thinking
You need to know and understand how to:
SB12. provide opinions on work in a detailed and constructive way
SB13. apply balanced judgments to different situations
Attention to Detail
You need to know and understand how to:
SB14. check your work is complete and free from errors
Team Working
You need to know and understand how to:
SB15. work effectively in a team environment
SB16. work independently and collaboratively
Technical Skills
You need to know and understand how to:
SC1. implement multiple authentication techniques
SC2. customize the identity and access management system to align to business processes and the security architecture
SC3. analyze and modify the underlying database structure that is used in information systems access privileges
SC4. Operate console of security information and event management tools (SIEM)
SC5. Work on various operating system
SC6. Work with word processers, spreadsheets and presentations
SC7. Stay abreast of the latest developments in terms of industry standards and information security tools and techniques
Guidelines for Assessment:
- Criteria for assessment for each Qualification Pack (QP) will be created by the Sector Skill Council (SSC). Each performance criteria (PC) will be assigned Theory and Skill/Practical marks proportional to its importance in NOS.
- The assessment will be conducted online through assessment providers authorised by SSC.
- Format of questions will include a variety of styles suitable to the PC being tested such as multiple choice questions, fill in the blanks, situational judgment test, simulation and programming test.
- To pass a QP, a trainee should pass each individual NOS. Standard passing criteria for each NOS is 70%.