Job Summary
You will be working with our client in the financial industry.
Responsibilities
User Access Review (UAR) Management
Orchestrate and manage comprehensive user access review cycles including monthly, quarterly, and annual certification processes to ensure compliance with organisational security policies and regulatory requirements.
Oversee the complete UAR lifecycle from initial data extraction through to final certification, ensuring accuracy and timeliness of all access review activities.
Compile and validate access data from multiple enterprise systems, cross-referencing user permissions and validating accuracy of access rights across all applications and platforms.
Coordinate extensively with stakeholders across the organisation to obtain timely responses and certifications, managing relationships to ensure review completion within required timeframes.
Track and follow up on access exceptions, working closely with system owners to ensure prompt remediation of identified compliance issues and security risks.
Maintain comprehensive documentation of UAR processes, findings, and remediation activities to support audit requirements and continuous improvement initiatives.
Privileged Access Management
Manage privileged access reviews within CyberArk environment, ensuring appropriate oversight of high-risk access permissions and maintaining security of critical systems.
Conduct regular assessments of privileged accounts to ensure principle of least privilege is maintained and access remains appropriate for business requirements.
IAM Audit and Compliance
Conduct comprehensive IAM audits to assess the effectiveness of identity governance controls and identify gaps in access management processes.
Perform detailed analysis of user access patterns, identifying anomalies, orphaned accounts, and potential security risks through systematic audit procedures.
Prepare detailed audit reports documenting findings, risk assessments, and recommended remediation actions for management and external auditors.
Support internal and external audit activities by providing evidence of IAM controls, access logs, and compliance documentation.
Maintain audit trails for all identity management activities, ensuring comprehensive documentation for regulatory compliance and forensic analysis.
Identity Management Operations
Support identity management cleanup initiatives including process review, requirement documentation, user acceptance testing (UAT), and ongoing Day 2 IAM operations.
Collaborate with technical teams to implement identity governance improvements and automation opportunities to enhance operational efficiency.
Participate in the design and implementation of identity management solutions that align with enterprise security architecture and compliance requirements.
Compliance and Risk Management
Ensure all identity and access management activities comply with internal policies, regulatory requirements, and industry best practices.
Identify and assess identity-related risks, developing mitigation strategies and working with stakeholders to implement appropriate controls.
Support internal and external audits by providing comprehensive documentation and evidence of access management controls and processes.
Conduct risk-based access assessments to prioritise remediation efforts and resource allocation.
Process Improvement and Documentation
Continuously evaluate existing IAM processes to identify opportunities for automation, streamlining, and efficiency improvements.
Develop and maintain detailed process documentation, standard operating procedures, and training materials for IAM activities.
Collaborate with cross-functional teams to implement process improvements and technology solutions that reduce manual effort whilst maintaining security and compliance standards.
Requirements
Bachelor’s Degree in Information Security, Information Technology, or a related field.
Proven experience in Identity and Access Management, including user access reviews, privileged access management (e.g., CyberArk), and enterprise identity platforms.
Strong understanding of identity governance principles such as RBAC, segregation of duties, and the principle of least privilege.
Hands‐on experience in identity lifecycle processes: provisioning, de‐provisioning, and access certification.
Demonstrated ability to conduct IAM audits and access assessments across complex enterprise environments, applying frameworks such as COBIT, COSO, and ITIL.
Strong analytical skills to identify anomalies, security risks, and compliance gaps through data analysis and system reviews.
Experience in process management, project coordination, and multi‐stakeholder collaboration, with attention to detail and adherence to quality standards.
Knowledge of regulatory and compliance requirements (GDPR, SOX, ISO 27001, NIST) and risk management practices related to access and data protection.
Proficiency in technical writing, documentation, and executive reporting, including dashboards for IAM metrics and compliance status.
Excellent interpersonal and communication skills, with the ability to translate technical concepts for business stakeholders and manage audit relationships.
Relevant professional certifications preferred, including CISSP, CISM, CISA, CGEIT, or CIA; familiarity with GRC platforms is an advantage.
Prior education in IT, cybersecurity, or related fields, and experience in automation or scripting to improve IAM operational efficiency.
If you are interested in this role and would like to discuss the opportunity further please click apply now or email
Chew Kai-Xinn
at
for more information.
#J-18808-Ljbffr