Role purpose

The Manager of Identity and Access is responsible for planning, designing, and implementing Identity and Access Management (IAM) services across the organization to provide the correct individuals with access to the right resources, by working together with different stakeholders as solution architecture, enterprise architecture, business owners and others.

Responsibilities

• Strategic leadership of IAM within GBS IT
  • Develops and articulates identity and access management strategies that continuously monitors and improves the security of client-facing and internally facing applications
  • Implements and operates state of the art privileged and system account access management practices.
  • Develops and implements solutions to support access authentication, authorization and provisioning while standardizing and streamlining IT security administration processes.
  • Responsible for maintaining the integrity, security, and performance of the Active Directory environment.
  • Manages relationship with customers of the IAM services (BA-s, GRIT, etc.)
  • Manages relationship with all stakeholders of the IAM services (GRIT management, other cyber security team management, GBS IT management)
  • Leads discussions with business units to review and approve mitigation strategies for areas of non-compliance with information security policy and standards (including internal and external audit findings).
  • Collaborates with business and technology teams (e.g. GBS IT Compliance, GBS IT Governance, etc.) to create and maintain IAM risk management policies and standards reflecting the company's risk appetite and industry best practices to assure robust controls.
• Operation, reporting
  • Governs and continually improves processes/procedures that focus on risk-based access controls; provides the least allowable access required for business operations, including role-based access modeling.
  • Fosters a high-performance culture and team by developing their skills and effectively managing the quality of automated access security services delivered.
  • Monitors automation performance by including benchmarking and tracking performance against service improvements.
  • Responsible for the senior management reporting on the relevant security services and support area (in collaboration with the reporting team)
• Vendor management
  • Manages relationship with the vendors serving IAM in GBS IT
  • Sets KPI, SLA, requirements towards relevant vendors
  • Manages performance of the relevant vendors
• Escalation point
  • Higher level escalation point on all EIT and ICS related GBS in scope IAM services, processes, performance, operation
• Project Managment
  • Overall responsibility on all EIT and ICS related IAM projects, in scope for GBS
• Organization, Team, People
  • Overall responsibility on the right staffing of the GBS IAM organization with the right capacity and skillset
  • Direct manager of the IAM Team Leaders

Requirements

• Minimum of seven years' experience in IAM. Developing, implementing and/or architecting IAM systems, directory service, active directory, Azure active directory, LDAP, and cloud-based identities.
• Minimum five (5) years' experience managing a team.
• Experience and working knowledge of cloud (IaaS, PaaS, SaaS), IT infrastructure, IAM solutions, network, compute, storage, and security technologies to guide in the preparation of related recovery procedures. Financial industry regulatory experience a plus (FFIEC, FDIC, OCC, SOC, SOX).
• Bachelor's or master's degree in IT, engineering, business, management or a related field, or equivalent work experience
• Tertiary qualifications in information or IT security, or industry qualifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or the equivalent is an advantage