Role Purpose:

• The role is primarily to enforce logical security at the various layers of the Bank’s IT infrastructure (network, database, application and operating system layer)
• Administration of users across all applications in the bank including Finacle and Active Directory.
• Management of user roles on the applications that support Role Based Access Control (RBAC)
• Provide password management support for users across multiple platforms.
• Periodic review of user login activities for inactive or unused user profile
• Provide input for security awareness based on identified risk in user management activities.
• Ensure security of all Information entrusted to the staff.

Key Responsibilities:

• Enforcing logical security at the various layers of the Bank’s IT infrastructure (network, database, application
  and operating system layer)
• Ensure IAM solution is functional and serving the business.
•  Management approval of user roles on the applications that support Role Based Access Control (RBAC)
• Provide password management support for users across multiple platforms.
• Periodic review of user login activities for inactive or unused user profile.
• Provide input for security awareness based on identified risk in user management activities.
• Ensure security of all Information entrusted to the staff.
• Review of staff in sensitive units.
• Review of AD sensitive groups to identity excessive privilege.
• Manage privilege account through the use of PAM and Azure PIM.
• Manage MFA profiling using Cisco Duo MFA and Office 365 MFA portal.

Reporting:

• Weekly, Monthly and Quarterly report of new access
• Weekly, Monthly and Quarterly report of access violation
• Weekly, Monthly and Quarterly report of staff role change
• Weekly, Monthly and Quarterly report of new access removal
• Report on Prevent unauthorized access to systems and services.
• Periodic Review of access to telecom assets for all Users
• Password Policy compliance monitoring and report
• Report Data for Root Cause analysis of detected incidents should be available

Qualifications

Education:

• Certified information systems security professional (CISSP)
• CAP Certified Authorization Professional
• SSCP Systems Security Certified Practitioner
•  Any certification on access and authorization
• Any Certification of Microsoft Cloud
•  CompTIA Certification on Security

Tools:

• Azure AD PIM
•  MS Cloud Apps
•  IAM solution
• PAM (Thycotic Privilege Manager)
• Manage Engine ADPlus
• Microsoft Cecurity Center
• Microsoft EDR portal

Required Skills:

•  Knowledge of the Bank’s IT solutions
•  Effective Communication and Presentation skills
• Good report writing skills
• Consistent feed on local and global fraud trends
•  Ability to identify appropriate security controls to address existing/potential risk
• Good knowledge of Information Security best practices
• Proficiency in the use of Microsoft Office Tools