IDB2937 - Senior Identity & Access Management Specialist

• Design and maintain the identity and access management architecture and roadmap in collaboration with Enterprise Architects, Solution Architects, Solution Operations and Infrastructure Operations across the application and IT Infrastructure technology landscape to manage authentication and access across all IsDB systems and data
• Collaborate with the Enterprise Architecture, Technology Risk, Risk Management, and Internal Audit functions to address complex identity and access management requirements within the three lines of defense organizational model 
• Develop and maintain identity and access management policies, processes, and procedures according to industry frameworks and standards in coordination with the Technology Risk and Assurance function 
• Ensure compliance to organizational identity and access management policies, standards and guidelines for HQ and Regional Hubs covering cloud services, data centers, network, servers, communication solutions, disaster recovery sites, end user computing, databases, solution platforms, business applications and websites  
• Manage third parties delivering identity and access management operations for HQ and Regional Hubs to ensure appropriate access for business users and IT personnel of the IT landscape in compliance with defined policies, processes and SLAs
• Collaborate with Solution Delivery and Technology Operations teams to onboard and integrate new business applications and IT services with the identity and access management solutions and processes as part of the transition of business solutions and IT services from the implementation phase to the operations phase 
•  Participate as a standing member of the Change Advisory Board to ensure all changes within the IsDB technology environment are complying with identity and access management policies and standards 
• Plan and manage the implementation of proactive risk assessments and compliance reviews to assess the risks associated with access to IsDB systems and data and monitor compliance to standards and processes for access across the IsDB IT environment
• Ensure that the identity life cycle policies, processes and standards covering the joiner, mover and leaver scenarios are defined and adopted for all categories of users who require access to IsDB system and data including staff, consultants, contractors and others 
• Lead the planning and implementation of periodic access reviews across business solutions and IT infrastructure components to ensure appropriate access to systems and data for business users, IT personnel and third parties to reduce the risk of abuse or fraud 
• Establish and maintain technical standards for authentication and authorization design and implementation for all IsDB applications, IT services and technology components 
• Design and implement standards, processes and solutions for managing and monitoring privileged access to IsDB systems and data to reduce the high risk related to super user access within the IT environment 
• Oversee the second and third levels of support and response for identity and access incidents and requests 
• Manage the implementation and integration of identity and access monitoring across the IsDB IT environment within the overall security monitoring framework
• Design and implement the integration of identity and access management processes and solutions with the IT service management processes and solutions, including integration of scope and processes covered by 3rd party service providers 
• Manage the solution landscape that supports the identity and access management processes including authentication, identity governance, identity administration, privileged identity management and compliance 
• Provide training and awareness on identity and access management topics across business solutions and IT services to enhance the adoption during solution implementation, infrastructure and security operations, IT service management and other domains in accordance with organizational policies, processes and standards
• Prepare and present detailed and summary identity access management reports to accurately represent plans, status and risks to IMDT, business and management stakeholders
  
  

Academic and professional qualifications: 

• Bachelor’s degree in Computer Science, Engineering, Information Technology or related field 

Experience:

• 8+ years of experience in information security and identity and access management 

Languages:

• English - Mandatory
• Arabic - Preferred
• French - Preferred
  
  

• Experience in architecting, designing and implementing identity and access management solutions, including for privileged access
• Experience in managing identity and access management operations
• Experience in designing authentication and authorization standards
• Experience in designing and implementing joiner, mover and leaver processes
• Experience in planning and performing access reviews, access related risk assessments and access-related standards compliance reviews
• CISSP, ISO 27001, CISM or other relevant information security industry recognized certification
• Good understanding integration requirements for business solutions and IT infrastructure components for identity and access management