Get a free C.V. review by sending your C.V. to email@example.com or click the following link. Submit C.V.! use the subject heading REVIEW.
IMPORTANT: Read the application instructions keenly, Never pay for a job interview or application.
Click the Links Below to Get Job Updates.
The role holder will be responsible for overseeing the identity and access management assurance. Additionally, the holder will also provide 3rd Party Management assurance and recommending relevant controls for implementation to mitigate on risks identified.
- Analyze user access roles, permissions, and profiles to establish user provisioning within all Bank applications.
- Work closely with Application, System, and Network Engineers to solicit existing rules and standards, and identify and implement best practices for user access management.
- Assist with employee user account provisioning and de-provisioning, including Active Directory and Office 365 licenses.
- Collaborate with IT teams to establish and maintain user IDs, roles, and permission sets across all applications.
- Participate in revisions and updates of Internal Controls.
- Assist auditors and develop reporting options to elaborate and clarify findings.
- Interact with the Information Security team to identify and address potential concerns and necessary remediations connected to Identity Access Management (IAM).
- Lead the Access Management workstream including review of applications access rights, role definitions etc.
- Responsible for carrying out an identity and access management gap analysis against industry good practice
- Define the IAM standards required for compliance.
- Develop and implement procedures, process definition, training, and assuring quality in an IAM development environment
- Design the scope of work and road map for access management in order to achieve full data protection requirements; it must also support ISO 27001 compliance for Information Security
- Support all Third-Party Risk Management (TPRM) activities to proactively identify, evaluate, and mitigate cyber security and operational risks.
- Establish strong partnership with EQUITY stakeholders and support the facilitation and management of the security risk assessment process and monitoring of remediation plans in accordance with the TPRM standard.
- Track and monitor the status of assessments and communicate the status with key stakeholders on a regular basis.
- Participate in the preparation of third-party risk reports to effectively communicate current residual risk status to business stakeholders.
- Participate in the timely and accurate notification and escalation of actual or potential risks involving third parties.
- Support the identification and maintenance an on-going list of all critical suppliers while providing status reporting to key stakeholders.
- Support the delivery of reporting on all aspects of TPRM performance and effectiveness.
- Support the continuous assessment of any legal, regulatory, and external certification requirements relating to TPRM.
- Identify opportunities to improve business resiliency through proactive management of TPRM.
- Support the collaboration with the global purchasing organization to ensure security requirements are part of the onboarding process and continuously improved based on the ever-changing threat landscape.
- Support the collaboration with the global legal organization to ensure contractual obligations are met from a security perspective.
Knowledge and Experience
- Bachelor’s Degree in Information Technology, Information Security/Assurance, Engineering or similar area of study
- Certifications such as Cloud Security, CISSP, or CISA as well as technical certifications in Microsoft and Linux platforms, as well as networking such as CCNA, CCNP, or Networking+ are a plus.
- Minimum 3 years of experience in access management and 3rd Party reviews
- Knowledge of Identity and Access Management (IAM) principles (least privilege etc).
- Experience in Big 4 is preferred
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Expertise with industry standard frameworks (ISO, NIST, PCI).
- Risk management experience, preferably within TPRM or cyber security profession.
- Knowledge of TPRM threat scenarios, security controls, concepts, processes and tools.
- Knowledge of the National Institute of Standards and Technology (NIST) frameworks and NIST controls applicable to supply chain risk management.
- Excellent communication and presentation skills, both verbal and in writing and an ability to build a network and to collaborate with various teams.
Key Critical Competencies
- Proficient in preparation of reports, dashboards and documentation
- Excellent communication and leadership skills
- Experience in performing vendor management
- Ability to handle high pressure situations with key stakeholders
- Good Analytical skills, Problem solving and Interpersonal skills
- Deep knowledge of Bank’s infrastructure, networks and systems
- IAM and 3rd Party Management across at least 13 domains in all the Technology functions and in at least 7 markets of Equity Group
Budgets/ Financial Input
. Contribute to ensuring the budgets are adhered to and cost savings on various initiatives.