Update day: 14-02-2024
Maintains effective access controls to support adequate protection of QBE data and resources by leading the facilitation and execution of global identity and access management processes and associated control activities to support onboarding, offboarding and access recertification. Ensures a quality access management service including processing of complex, high-volume joiner, mover, leaver and change requests. Support Senior Analysts and Team Leader with projects and larger initiatives requiring audit, risk assessment, process and technical expertise across a highly regulated environment. Liaise with customers at all levels, including senior and executive leadership.
• Manage demand through the global ticket and request management tool to ensure effective queue management
•Collaborate with global peers and participate in internal meetings to share and develop knowledge and best practice
•Maintain least privileged access to QBE systems for joiners, movers, leavers (JML) and authorized users, ensuring access granted is in line with job function, controls are maintained, or access removed in a timely manner
•Respond to information security and access-related questions and inquiries, using available information security tools and procedures ensuring adherence to QBE’s defined service processes (e.g. Incident, Request, Change, Problem, etc.) and ITIL best practice guidelines
•Manage requests for additional access to QBE systems, ensuring these are met within accordance to agreed controls, protocols (least privileged) and SLA’s
•Consistent compliance with defined controls, processes and QBE security policies and standards
•Proper analysis and autonomous decision making to ensure no separation of duties conflicts exist with access granted
•Timeliness and accuracy to JML and additional access requests, meeting or exceeding defined SLAs and performance targets
•No major security risks/control failures or breaches.
•Demonstrable continuous business process improvement
•Build and maintain strong and effective relationships with business customers at all levels of the organization to ensure service delivery meets expectations.
•Provide advice and guidance for IT security and user access-related activities; ensuring customers are aware of key issues and able to implement correct procedures and protocols.
•Build effective relationships with other departments within IT to ensure smooth end-to-end management of tickets (requests and incidents).
•Independently analyze requests to ensure proper separation of duties and least privileged concept is applied when granting access (across multiple, complex platforms).
•Produce accurate management information to enable effective reporting, decision making and action.
•Investigate and resolve access related inquiries, ensuring effective resolution in line with key controls and processes, minimizing business disruption.
•Administer Active Directory (AD) and other key applications, operating systems/platforms, ensuring information (i.e. identity data) held is current and regularly updated.
•Maintain relevant audit trails to support control activities relevant to the JML processes.
•Independently respond to audit inquiries and activities related to access controls, where required.
• Associate’s Degree or equivalent combination of education and work experience
• 3 years relevant experience
• A logical approach to analyze access requests and issues; leverage technical knowledge
•Communicates information in a clear, well-organized, and professional manner, at all levels within the organization
•Follow established guidelines to focus on details and complete tasks attentively and thoroughly
•Escalate issues when necessary
•Prioritize various competing tasks according to their urgency
•Maintain a customer focus and build relationships; ability to proactively manage customer expectations
•Problem solving and analytical skills
•Flexibility, can easily adapt to quickly changing priorities
• Bachelor’s Degree or equivalent combination of education and work experience
Preferred Education Specifics
• Degree in Computer Science, Information Systems or related field
• Experience with identity and access management; working in a complex, demanding, fast-paced environment;
•Experience with Active Directory (AD), RACF and other access management tools.
•Experience within financial services, preferably insurance industry
•Experience working with outsourced service partners
• Certified in Risk and Information Systems (CRIS)
•Certified Information Systems Security Professional (CISSP)
• Ability make autonomous decisions when analyzing requests to ensure appropriate risk-based outcome
•Applied working knowledge of security and access management principles, including separation of duties (SoD) concept
•Understanding of fundamental IT concepts, systems, tools and technologies
•Working knowledge of network security and administration processes, basic computer troubleshooting and general industry best practices Knowledge of External and Internal Audit, SOC1, and other access control reviews
Click to apply for free candidate
⏰ 12-03-2024🌏 Bicol Region, Catanduanes, Negros Oriental
⏰ 16-03-2024🌏 Bohol, Central Visayas
⏰ 24-03-2024🌏 Central Visayas, Bohol, Marinduque
⏰ 26-03-2024🌏 Central Visayas, Bohol, Agusan del Sur
⏰ 12-03-2024🌏 Bohol, Central Visayas