Department
Information Management and Disruptive TechnologyPurpose
The Senior Identity and Access Management Specialist is responsible to design,
implement and operate the identity and access management program including
processes, standards and solutions across all IT applications, IT services and
information technology components to manage how business users and IT
personnel access IsDB data and systems in order to reduce the risk of
unauthorized access and ensure adequate preventive, monitoring and reactive
controls for governance, risk and compliance are established to manage the
residual risk within the risk appetite of the organization. The Senior
Identity and Access Management Specialist performs both the strategic
oversight and day-to-day management of the third parties to ensure that
identity and access management services meet the organizational needs.Key
Accountabilities
* Design and maintain the identity and access management architecture and roadmap in collaboration with Enterprise Architects, Solution Architects, Solution Operations and Infrastructure Operations across the application and IT Infrastructure technology landscape to manage authentication and access across all IsDB systems and data
* Collaborate with the Enterprise Architecture, Technology Risk, Risk Management, and Internal Audit functions to address complex identity and access management requirements within the three lines of defense organizational model
* Develop and maintain identity and access management policies, processes, and procedures according to industry frameworks and standards in coordination with the Technology Risk and Assurance function
* Ensure compliance to organizational identity and access management policies, standards and guidelines for HQ and Regional Hubs covering cloud services, data centers, network, servers, communication solutions, disaster recovery sites, end user computing, databases, solution platforms, business applications and websites
* Manage third parties delivering identity and access management operations for HQ and Regional Hubs to ensure appropriate access for business users and IT personnel of the IT landscape in compliance with defined policies, processes and SLAs
* Collaborate with Solution Delivery and Technology Operations teams to onboard and integrate new business applications and IT services with the identity and access management solutions and processes as part of the transition of business solutions and IT services from the implementation phase to the operations phase
* Participate as a standing member of the Change Advisory Board to ensure all changes within the IsDB technology environment are complying with identity and access management policies and standards
* Plan and manage the implementation of proactive risk assessments and compliance reviews to assess the risks associated with access to IsDB systems and data and monitor compliance to standards and processes for access across the IsDB IT environment
* Ensure that the identity life cycle policies, processes and standards covering the joiner, mover and leaver scenarios are defined and adopted for all categories of users who require access to IsDB system and data including staff, consultants, contractors and others
* Lead the planning and implementation of periodic access reviews across business solutions and IT infrastructure components to ensure appropriate access to systems and data for business users, IT personnel and third parties to reduce the risk of abuse or fraud
* Establish and maintain technical standards for authentication and authorization design and implementation for all IsDB applications, IT services and technology components
* Design and implement standards, processes and solutions for managing and monitoring privileged access to IsDB systems and data to reduce the high risk related to super user access within the IT environment
* Oversee the second and third levels of support and response for identity and access incidents and requests
* Manage the implementation and integration of identity and access monitoring across the IsDB IT environment within the overall security monitoring framework
* Design and implement the integration of identity and access management processes and solutions with the IT service management processes and solutions, including integration of scope and processes covered by 3rd party service providers
* Manage the solution landscape that supports the identity and access management processes including authentication, identity governance, identity administration, privileged identity management and compliance
* Provide training and awareness on identity and access management topics across business solutions and IT services to enhance the adoption during solution implementation, infrastructure and security operations, IT service management and other domains in accordance with organizational policies, processes and standards
* Prepare and present detailed and summary identity access management reports to accurately represent plans, status and risks to IMDT, business and management stakeholders
Requirements
Academic and professional qualifications: *
* Bachelor’s degree in Computer Science, Engineering, Information Technology or related field
Experience:
* 8+ years of experience in information security and identity and access management
Languages:*
* English - Mandatory
* Arabic - Preferred
* French - Preferred
Job Type: Full-time