Travelex
Location
Mumbai | India
Job description
Role purpose
Reporting into the IT Security Governance Manager, this role will encompass defending Travelex against cyber threats. This role has a dependency on optimising our technology to be based on sound cyber security principles for us to accurately manage and defend against any such attack placed upon the organisation.
Cyber Security is seen as a key strategic pillar within the organisation as the methods attackers use evolve Travelex recognises the requirement to remain dynamic in its defence against such threats. The purpose of this role is to lead all Information Security matters relating to Identity & Access Management. The candidate will be required to provide technical expertise, guidance, and support in Identity and Access including the delivery of IDAM services . The successful candidate will have a broad Infosec & governance knowledge, security monitoring, up to date know of threat landscape, ISO, SOC type 2, GDPR, Cyber Essentials, Risk, Compliance and Governance.
At this level, you will:
· work on the IDAM project helping to setting a strategy process for BAU identity access management that can be used in the long term and across the breadth of the organisation
· communicate with a broad range of senior stakeholders and be responsible for defining the vision, principles, and strategy for Identity Access Management processes and audit plans
· recommend security design across several projects or technologies, up to an organisational or inter-organisational level
· have a deep and evolving level of technical expertise, so you audit and review technologies on-prem, in the cloud and familiar with AD.
· able to pull together reports for identity access management to all levels of key stake holders.
· able to review and improve gaps in the identity access management process and able to report findings on what working well and any improvements with recommendations for maturing what we do today.
· be a recognised expert and demonstrate this expertise by solving unprecedented issues and problems
· further the profession, demonstrating and sharing best practice within and outside the organisation
Key accountabilities
Relationship management
· Develops and maintains robust relationships with key business stakeholders to ensure assurance analysis is visible and in line with agreed customer expectations.
· Ensures the smooth integration of new Identity Access Management assurance standards.
· Raise awareness and profile of cyber challenges for not having good Identity Access Management across the business at all levels.
Analyst information
· Produces accurate, timely and relevant MI for the Head of Security Operations, IT Security Governance Manager, CISO and the team as required.
Communication
· Responsible for pro-active and regular communication with other areas of IT and the business in relation to Assurance analysis.
General
Essential
· Analysing risks and anomalies in identity and access management controls, such as leavers analysis, movers analysis, and privileged account usage.
· Conducting periodic reviews of entitlement data and role compositions, collaborating with application and business owners to address issues.
· Providing input on identity and management controls for new products and change programs.
· Maintaining the identity and access management risk and control framework.
· Designing and executing user access review campaigns.
· Advising on password management control designs and conducting periodic testing.
· Supporting the Privileged Access Management Technology Product Owner in onboarding new accounts.
· Assisting the Security Operations Centre in resolving identity and access management-related alerts and incidents.
· Advising on conditional access policy designs and performing periodic testing.
· Providing guidance on authentication controls designs and conducting periodic testing.
· Assisting in responding to external and internal audit queries related to Identity and Access Management.
· Reporting against defined key performance indicators (KPIs) for Identity and Access Management.
· Offering input to the security operations team in responding to organisational identity and access management risk-related queries. Advocating for information security across the organisation, fostering a culture of security risk awareness and mitigation.
Desirable
· Strong verbal and written English communication. Ability to communicate effectively at all levels and to influence key stakeholders.
· Professional approach with a confident assertive style and strong interpersonal and presentation skills
· Ability to build and maintain strong relationships with peers and colleagues.
· Financial Services industry experience.
· Familiarity with ITIL concepts as incident, problem and change management.
· Certification such as CISSP, CISM, CISMP, GCIH, CEH, CCNA Security, Security+, CHFI, etc.
· Working Knowledge of IT Security Compliance (PCI DSS, Data Protection Act, SOC 2, Sarbanes Oxley, ISO17799, etc)
· Bachelor's Degree in computer Science/Cyber/IT/Electronics Engineering, M.C.A. or equivalent University degree
· Minimum of 4-6 years of experience in the IT security industry.
Job tags
Salary
