Access Control Administrator
Role Purpose:
- The role is primarily to enforce logical security at the
various layers of the Bank’s IT infrastructure (network, database, application
and operating system layer)
- Administration of users across all applications in the bank
including Finacle and Active Directory.
- Management of user roles on the applications that support
Role Based Access Control (RBAC)
- Provide password management support for users across multiple
platforms.
- Periodic review of user login activities for inactive or
unused user profile
- Provide input for security awareness based on identified risk
in user management activities.
- Ensure security of all Information entrusted to the staff.
Key Responsibilities:
- Enforcing logical security at the various layers of the
Bank’s IT infrastructure (network, database, application and operating
system layer)
- Ensure IAM solution is functional and serving
the business.
- Management approval of user roles on the applications
that support Role Based Access Control (RBAC)
- Provide password management support for users across multiple
platforms.
- Periodic review of user login activities for inactive
or unused user profile.
- Provide input for security awareness based on identified risk
in user management activities.
- Ensure security of all Information entrusted to the staff.
- Review of staff in sensitive units.
- Review of AD sensitive groups to identity excessive privilege.
- Manage privilege account through the use of PAM and Azure PIM.
- Manage MFA profiling using Cisco Duo MFA and Office 365 MFA
portal.
Reporting:
- Weekly, Monthly and Quarterly report of new access
- Weekly, Monthly and Quarterly report of access violation
- Weekly, Monthly and Quarterly report of staff role change
- Weekly, Monthly and Quarterly report of new access removal
- Report on Prevent unauthorized access to systems and services.
- Periodic Review of access to telecom assets for all Users
- Password Policy compliance monitoring and report
- Report Data for Root Cause analysis of detected incidents
should be available
Qualifications
Education:
- Certified information systems security professional (CISSP)
- CAP Certified Authorization Professional
- SSCP Systems Security Certified Practitioner
- Any certification on access and authorization
- Any Certification of Microsoft Cloud
- CompTIA Certification on Security
Tools:
- Azure AD PIM
- MS Cloud Apps
- IAM solution
- PAM (Thycotic Privilege Manager)
- Manage Engine ADPlus
- Microsoft Cecurity Center
- Microsoft EDR portal
Required Skills:
- Knowledge of the Bank’s IT solutions
- Effective Communication and Presentation skills
- Good report writing skills
- Consistent feed on local and global fraud trends
- Ability to identify appropriate security controls to
address existing/potential risk
- Good knowledge of Information Security best practices
- Proficiency in the use of Microsoft Office Tools
How To Apply
