Log In Sign Up

Lead Access Manager - Security and Compliance

Premium Job From ABWRecruitment

Recruiter

ABWRecruitment

Listed on

7th June 2017

Location

Sunbury-on-thames

Type

Contract

This job has now expired please search on the home page to find live IT Jobs.

My Client based in Sunbury requires a Lead Access Manager - Security and Compliance

The Identity and Access Management area is a highly complex landscape with enormous projected growth over the next 3 years, particularly as my client moves towards being a cloud first organisation. There is significant demand and investment, with a number of high profile projects in this space.

The Identity and Access Management team sit within Infrastructure and Integration Services, End to End Service Management. We deliver and manage a suite of common processes and services to enable Identity and Access management to users across applications and directories. This is based upon the ITIL framework.

This area owns the accountability for operating the following set of services, including the Processes, Applications and Infrastructure that deliver these.

? Identity Management

? Application Access Management

? Segregations of Duties (SoD) management

? Role Based Access Management

? High Privileged Access Management

? Unique Identifier

? Joiner Mover and Leaver

? Single Sign On to Cloud Based Applications

? Multi Factor Authentication

? Keon Directory

? Password self service

This role will be working alongside a global team of Service Leads and Analysts primarily in the Application Security and Access Management space. It is responsible for service delivery and managing services primarily for SAP access management and role management. This involves working closely with the team, suppliers, project teams and stakeholders, to deliver high quality and safe reliable operations for application security.

The Lead Access and Application Security Service Manager will also be providing direction on the service where appropriate and responsible for reviewing and approving technical designs for role management.

This role requires technical knowledge in the SAP Security space and strong service management experience.

There will be a requirement to work closely with a number of teams across geographies and time zones. Also, to deputise for the Global Service Owner or the other Service Leads in the team when required.

This role will help to establish best practice and improvements within the Access and Application Security Management service. Regular monitoring and tracking of compliance of processes will also be essential for internal and external audit requirements.

Key Accountabilities:

These include, but are not limited to;

Responsible for the service management of Application Security services.

Responsible for ensuring the safety and security of SAP applications under E2E Accountability

Provide consultation to business liaisons to ensure appropriate levels of security administration are applied to critical business applications.

Manage supplier relationship. Ensure service is delivered in line with expected service levels. Ensure performance is monitored.

Responsible for ensuring suitable controls are in place so that the right users have the right access at the right time.

Review SAP security designs and relevant data within the guidelines of security governance when requested by support teams and internal audit.

Build and maintain relationships with Project Teams, BAS organisation, Customers and Senior Stakeholders.

Act as a Stakeholder for all Projects delivered into SAP Security operations, ensuring they meet requirements, are fit for purpose, and deliver safe and reliable operations.

Ensure incidents, problems and events are managed effectively by working closely with Third Party Vendors/Managed Services (IBM, HP, Infosys, Wipro, etc) and internal teams related to application security for supported applications.

Drive the teams to ensure robust Root Cause Analysis of incidents and any repeated service issues are understood and have actions in place to address these.

Deliver quality management information on the Operational Performance of our estate.

Identify areas of continuous improvement and take active steps to improve service.

Ensure the Access Management processes and their end-to-end effectiveness are maintained, documented and in compliance with all corporate standards and policies.

Manage and work with the IT&S teams to identify where access privileges are inappropriate. Work closely with Digital Security and BAS.

Ensure the teams maintain compliance monitoring of corporate security policies and regulatory guidance with regards to user access and broader information security matters.

Facilitate the necessary remediation actions in relation to SOX regulatory requirements and Security related risks.

Risk Management. Manage Access and Identity risks in line with all Risk Policies and Processes

Take accountability for escalating security related issues and concerns to leadership and Digital Security

Essential Criteria:

Service Management experience in a global organisation.

In-depth understanding of all aspects of SAP Security models

Must know the basics of SAP user administration, role administration- end to end process.

Good understanding and experience in SAP GRC Access Control module and other GRC tools

Fluent with compliance, regulatory requirements such SOX, internal & external audit requirements

Results-driven, logical and methodical approach to achieving tasks and objectives

Evidence of ability to operate under own initiative, as well being able to work with the wider IT&S teams to deliver the service.

Ability to facilitate effective teamwork and build strong collaborative relationships in a global organisation.

Good written and verbal communication skills.

Ability to establish excellent working relationships with key stakeholders and across geographies.

Good influencing capabilities.

Proactive, delivery focussed individual

Drive and energy to meet challenging performance objectives

Experience of using Office applications such as Excel and PowerPoint to analyse, interpret and present data.

Understanding of the practical aspects of Identity & Access management.

Understanding of regulatory requirements i.e. Sarbanes-Oxley.

ITIL V3 Foundation qualification minimum

Desirable Criteria:

Ability to lead small to medium teams.

Experience of data analysis. Can demonstrate a track record of analysis supporting a number of significant business units in a complex multi-region multi-application environment.

Experience with IBM Identity and Access Products (ISIM, CIS, IDAM)

SAP HANA security experience

Knowledge of the requirements of the international standard for Information Security Management Systems (ISMS) - ISO 27001

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below:

Google Chrome
Google Chrome
 Opera
Opera
 Mozilla Firefox
Mozilla Firefox