Identity and Access Management (IaM) is comprised of people, process and technologies that enable the creation, maintenance, and use of a digital identity (i.e., people or things) to ensure that the right identities have access to the right resources (e.g., application, services, or data). Digital identities are not just for humans, therefore IaM controls should manage the digital identities of devices, computers, applications, and services. IaM controls allow IT and Information Security to manage approved digital identities, authenticate them when they log in, authorize them to access pre-approved resources and manage those identifies throughout their lifecycle (e.g.Joiners, Movers, and Leavers).
The Identity & Access Management (IaM) and Privilege Access Management (PAM) Security Administrator will play a key role in the Identity and Access Management Team (IaM team) and maintain IT security solutions and controls for real-time event and alarm monitoring within the Bank. The role will involve monitoring and implementing security controls for Bank ABC’s systems and networks across multiple physical and virtual environments, including on-premises and Cloud.
The role is part of the whole cybersecurity organization team and as such the job holder will also support the strategic thinking and have the operational seriousness to run several security initiatives, due diligence reviews and BAU process and other non-routine assignments at the behest of the IaM leader and GCISO, as and when necessary.
- Be able to develop access management related metrics and KPIs to track progress and measure success.
- Initiate and develop Role Based access controls matrices
- Be able to troubleshoot IAM and PAM issues and develop creative solutions to solve problems.
- Work closely with the IAM team to ensure that the right people have access to the right resources.
- Responsible for the day-to-day administration of the IAM and PAM system.
- Maintain and update documentation as needed.
- Update and maintain the IAM and PAM system according to changes in the organization’s business needs.
Research & Development
- Stay abreast of emerging changes, new technology developments, and security threats, and factor into the bank’s existing and future.
- Help identify new ways to solve existing production security issues.
- Hands-on, technically able to configure security solutions whilst following best practices
- Help develop, design automated scripts procedures to enhance and automate security processes and administrative activities.
- Identify and reuse security solutions and consider integration with other monitoring solutions to achieve the Bank Security monitoring strategy.
- Assisting with installation or processing of new security products and procedures.
- Test final security solutions to ensure they behave as expected.
- Testing security solutions using industry standard analysis criteria to ensure its configured as per the approved configuration standard and baselines.
Training & Knowledge share:
- Key point of contact for technical knowledge within the solutions implemented or operated by the department.
- Be able to develop and deliver IAM and PAM training to both technical and non-technical staff
- Adhere to security policies when designing and implementing solutions
- Monitor issues / remediation activities to ensure gap closure to fulfil security control objectives and meet mandatory external requirements.
- Work in a team environment to educate and analyze security threats and alerts and help develop other activities for reviewing and monitoring mandatory security controls. Product Responsibilities:
- Support in monitoring and identifying gaps in policies, procedures, or implementation of solutions.
- Reporting findings to management.
- Actively participate in the department’s projects and support other sub processes.
- Perform ad hoc additional duties as required.
- Leading IAM tools (One Identity, CyberArk, Okta, Ping Identity, etc.)
- Privilege Access Management solution (CyberArk, beyond Trust etc),
- Familiarity with multiple operating systems (Linux, Windows, etc.)
- Strong understanding of directory services (LDAP, Active Directory, etc.)
- Network Security tools such as Nessus, Tripwire, SolarWinds
- Well versed with Azure and AWS security aspects
- B.E or BTech in Information Technology/ Computer Science/Electronics
- Certified AWS Solution Architect
- MS Azure Certified
- Solar Winds Certified Professional
- ITIL V3 Certified
- CISCO CCNA certified
- Minimum 5 to 7 years of hands-on experience in IT and Security related projects including implementation/ advisory and Trouble shooting and support