Senior Identity & Access Management Governance Analyst

Primary Details Time Type: Full time Worker Type: Employee Maintains effective access controls to support adequate protection of QBE data and resources by leading the facilitation and execution of global identity and access management processes and associated control activities to support onboarding, offboarding and access recertification. Trains users and team members as required; support Team Leader with projects and larger initiatives requiring audit. risk assessment, process and technical expertise across a highly regulated environment. Liaise with customers at all levels, including senior executive leadership.

Primary Responsibilities

• Lead implementation and maintenance of identify and access management, and security-related processes and procedures by providing recommendations around policies, standards, procedures, regulatory compliance and best practices; identify opportunities for improvement and/or update

•Manage intake demand through Company request and incident management system and delegate appropriate levels of work to team members

•Maintain least privileged access to QBE systems for joiners, movers leavers (JML) and for authorized users, ensuring access granted is in line with job function, controls are maintained or access removed in a timely manner

•Lead facilitation and management of access recertification/revalidation processes on periodic basis (monthly, quarterly, annually, etc.) for in-scope applications and systems based on risk, audit and business owner direction

•Ensure work queue remains within tolerance limits, with focus on meeting or exceeding defined SLAs and other key measures

•Timeliness in processing requests and responding to incidents (end-to-end); performance against defined SLAs and other key measures

•Response to incidents raised because of incorrect access applied and/or failures in technology; follow through on ensuring avoidance of repeat incidents not resulting in technology failure

•Coverage and effectiveness of access recertification/revalidation activities and program, with no audit findings for identified scope

•Build and maintain strong, effective relationships with business customers at all levels and Technology Services to ensure effective end-to-end request management and positive customer experience

•Provide regular advice, guidance and ongoing awareness for access-related activities and processes, ensuring business customers and peers are aware of key issues and required activities, including people leader responsibilities (i.e. onboarding/offboarding notification and access re-certification/validation)

•Independently analyze requests to ensure proper separation of duties and least privileged concept is applied when granting access (across multiple, complex platforms)

•Produce accurate management information to enable effective decision making and action

•Investigate and resolve access-related queries/issues, ensuring effective resolution in line with defined control activities and procedures, minimizing business disruption

•Administer Active Directory (AD) and other Company technologies and sources, ensuring information (i.e. identity data) held is current and updated regularly

•Coach, motivate and develop Access Management Analysts to ensure overall delivery (quality and output) of services provided is to an appropriate high standard

•Support and execute, where required, QA of team’s work to ensure an effective, monitored control environment

•Foster a culture of continuous improvement, motivation, collaboration and empowerment within the team to actively engage employees and ensure delivery of team objectives

•Collaborate across Technology Services department by consulting, gathering and analyzing information required to support effective control execution, including onboarding of new applications and other Service Design & Transition initiatives

•Contribute to development and management of Service Improvement Plan for Global User Access Management to ensure increased flexibility, enhanced customer experience, improved cost effectiveness and overall continuous improvement

Required Education

• Bachelor's Degree or equivalent combination of education and work experience

Required Experience

• 5 years relevant experience

Preferred Competencies/Skills

• Ability to proactively manage customer expectations

•Understand needs and goals of the customer and actively look for ways to meet them

•Problem-solving and analytical skills with high attention to detail

•Identify opportunities for synergy and integration

•Assume methodical approach to evaluate situations

•Excellent oral and written communication skills

•Outstanding customer service focus

•Ability to work with all levels of the organization

•Flexible

•Share knowledge and educate others

•Communicate complex information in a user-friendly format

Preferred Education Specifics

• Degree in Computer Science, Information Systems or related field

Preferred Experience

• Experience with IT user access management

•Working in demanding, fast-paced environment

•Experience with Active Directory, RACF and other access management tools/systems

•Experience interviewing others on technical or functional requirements

•project management and/or business analyst level role within complex multi-platform environment

Preferred Licenses/Certifications

• Certified in Risk and Information Systems (CRIS)

•Security +

•Certified Information Systems Security Professional (CISSP)

Preferred Knowledge

• Understanding of applicable regulatory requirements, policy and standards best practice

•Up to date with technical developments to ensure accurate and up-to-date service is provided to customers

•Applied working knowledge of information security policies and procedures, including segregation/separation of duties (SoD) concept

•Understanding of fundamental IT concepts, systems, tools and technologies

•Knowledge of External and Internal Audit, SOC1, and other access control reviews

•Working knowledge of products and concepts relating to insurance industry

Skills:

Active Directory Software, Adaptability, Analytical Thinking, Critical Thinking, Customer Service, Decision Making, Identity and Access Management (IAM) Operations, Intentional collaboration, IT Security Operations, Managing performance, Operating Systems (OS), Problem Solving, Risk Management, Service Delivery, Stakeholder Management

How to Apply:

To submit your application, click "Apply" and follow the step by step process.

Equal Employment Opportunity:

QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.