Identity and Access Senior Manager

My client, an international bank in London, are looking for an Identity and Access Senior Manager to join their growing team.

About the Identity and Access Senior Manager role:

The Identity and Access Management team supports three streams of work;

IAM Operations: A central administration team that fulfil requests to provision access to >100 systems used across the Bank

IAM Governance: The team providing oversight and control to the management of access across >300 systems and supporting infrastructure used within the Bank

IAM Tools: The team supporting systems used to manage user (SailPoint IdentityIQ) and privileged access (HiPAM) across the bank

The team is predominantly based in London, with resources in Singapore to provide coverage across time-zones.

Job purposes:

This role is to provide IAM services globally, including the following key activities:

• Provide effective management of the IAM Operations team to ensure fulfilment of access meets the Bank’s SLA’s
• Own the Identity and Access Management policies and standards and facilitate adherence across the Bank
• Deliver the tools and processes used to manage user and privileged access
• Support internal and external audit reviews of Identity and Access Management
• Engage with IT and Business representatives through various groups and forums

Key Responsibilities:

• Provide effective management of the IAM Operations team to ensure fulfilment of access meets the Bank’s SLA’s
• Ownership of the access provisioning service and SLA’s
• Management of the resources and prioritization to ensure adequate resourcing whilst remaining within budget
• Recommend, own and deliver improvements to processes and controls around access administratio
• Regular liaison with Business and IT partners to understand and consult on access provisioning for systems that are being introduced to the Bank
• Handle escalations and issues with the service
• Own the Identity and Access Management policies and standards and facilitate adherence across the Bank:
• Write and maintain Identity Access Management Standards in-line with industry standards and regulatory requirements
• Obtain support for any changes from Audit, Business and IT stakeholders Monitor adherence to the Standards through reporting and MI
• Establish and agree plans and targets to resolve or mitigate any gaps in compliance
• Deliver the tools and processes used to manage user and privileged access:
• Ownership of the technologies in use within the Bank that contribute to access management
• Work with stakeholders across Audit, Business Lines and IT areas to understand initial and on-going requirements for access management tools and processes
• Identify gaps in current tooling and coordinate improvements to enhance capabilities
• Continuously review processes and controls to ensure design and operation is effective and efficient
• Support internal and external audit reviews of Identity and Access Management:
• Assist in regular and ad-hoc audits of the IT Control environment
• Coordinate IAM audit requirements to ensure necessary information is made available
• Agree on any improvements to the IAM control environment and own the delivery
• Engage with IT and Business representatives through various groups and forums:
• Represent IAM in committees, forums and project working groups Ensure adequate levels of governance over the program

Ideal candidate:

Holds a degree (or similar) in Business, IT or a related subject

• Has an Information Security and/or Information Technology industry certification (CISSP, CISM, CISSP-ISSMP, CRISC or GIAC equivalent) strongly preferred
• Prior experience managing a department or team
• Possesses good knowledge and experience of investment banking industry, understanding how access management applies across transactional lifecycles in the business
• Subject matter expert in IAM – understanding the concepts from JML, SoD, RBAC and being able to apply these to an organization
• Subject matter expert in Privileged Access Management – understanding how operating systems, databases and network components can be permissioned to ensure protection of their confidentiality, integrity and availability
• Strong ability in data analysis being able to use Excel, Power BI and other tools in order to interrogate access data and investigate process and control failures
• Experience in using SailPoint, Bravura Privilege (or equivalents)
• Experience delivering process/control/tooling improvement initiatives including; developing business cases, securing funding, conducting RFP’s and managing delivery
• Strong understanding of Information Security and Data Protection expectations of the major UK regulators affecting my client, specifically FCA, PRA, ICO

If the above role is of interest please apply to this job advertisement or call me on 0207 509 8040 to find out more.