Descrição
Job Description
Job Purpose:
Responsibilities:
Main Tasks & Accountabilities:
- Execute and manage all User Access Management activities for the bank’s IT systems, including user creation, deletion, modification, and password management.
- Ensure the user lifecycle management and their access according to user status (e.g., new hires, terminations, transfers).
- Implement approved access rights templates to standardize access control across systems.
- Review and update the access matrix on a quarterly basis to ensure it reflects current roles, responsibilities, and access levels.
- Regularly review and update user access rights to ensure compliance with internal policies and regulatory requirements.
- Monitor and report access violations promptly, using appropriate tools to detect and address unauthorized access.
- Conduct regular checks and validations to ensure that user profiles and access rights are accurately reflected in the system.
- Work closely with department heads and stakeholders to identify and implement improvements in access control procedures.
- Manage and resolve user access requests or incidents through the bank’s ticketing tool, ensuring adherence to User Access Management Service Level Agreements (SLAs).
- Identify and mitigate risks related to unauthorized access, ensuring the security and integrity of the bank’s IT systems.
- Generate and present reports on access management performance, including access review completion rates, violations, and compliance with audit findings.
- Ensure all user access management activities comply with the bank’s policies, procedures, and security standards.
- Participate in related initiatives, projects, and any other duties assigned by management, contributing to the continuous improvement of access management processes.
- Job Location
- Muscat
- Relevant Experience in Years
- 4 Years
- Required Qualification
Essential (E): Diploma \Bachelor’s degree in Information Technology, Computer Science EngineeringPreferred (P): Diploma \Bachelor of Science in Information Security- Special Certification
Professional Qualification:MCSE, Security + and Network
- Any Other Relevant Information
General Competencies
- Excellent understanding of cybersecurity and IT security domains: Demonstrates strong knowledge of security frameworks, tools, and best practices to protect systems from threats.
- Knowledge of banking systems, technologies, and processes: Familiar with the technical infrastructure, software, and workflows typically used in banking environments and able to manage access accordingly.
- Ability to work under pressure: Maintaining performance and meeting deadlines in high-pressure environments while ensuring accuracy and security standards.
- Willingness to work after regular working hours: Available to handle urgent tasks or incidents that may arise outside of regular business hours.
- Willingness to adapt and learn: Open to learning new technologies and processes and adapting to changes in a dynamic environment.
- Strong attention to detail: Able to thoroughly review access rights and security policies and identify discrepancies or risks.
- Effective communication skills: Collaborating with various departments (e.g., IT, audit, &etc.) and communicating access management issues or changes.
- Problem-solving and analytical skills: Quickly diagnose and resolve access-related incidents or violations.
- Knowledge of compliance and regulatory requirements: Understand relevant laws and regulations related to data protection, privacy, and banking security (e.g., GDPR, PCI-DSS).
- Experience with user access management tools and technologies: Proficient in using access control systems, ticketing tools, and security monitoring tools.
- Teamwork and collaboration: Ability to work effectively in cross-functional teams, ensuring alignment with broader organizational goals.