About us* At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. Were devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Global Business Services Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations. Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence and innovation. In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services. Process Overview* The Global Information Security (GIS) is responsible for protecting Bank information systems, confidential and proprietary data, and customer information. The team develops the Banks Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities, develops, deploys and manages a risk-based controls portfolio, manages and operates global security operations center that monitors, detects and responds to cybersecurity incidents. GIS Identity & Access management (IAM) Access Control Team goal is to ensure that the control processes and effectiveness are within the identified risk tolerance. Manages the performance and effectiveness of the working control through the establishment of metrics with thresholds. Validate the reasonability of Laws, Rules and Regulations mapping alignment to the controls, as aligned by the GIS Policy team. Job Description* Establishes a framework of policies and technologies as it relates to the identity lifecycle through collaboration with HR, Identity Services, and resource owners. Is the IAM subject matter expert on joiner, mover, leaver, application and account lifecycle, and dormancy best practices. Reinforces the need for proper data and process alignment to manage the lifecycle of identities through hands on support activities. Provides tool and process support, Leverages data analytics to design, develop, and implement digitalized solutions as part of automation ecosystem. Analyzes operational processes, system, application and data flows to determine best uses of straight through processing, automation, and AI solutions . Connects with stakeholders on product / process pain points and recommends improvements. Coordinates with Governance services on new or changing controls and executes accordingly. Socializes changes to framework and provides education to those who need it. Works with 1st line customer service to identify improvements across the capability. Responsibilities* Participate in projects and production support operations focused on implementing Identity and Access Management (IAM) integrations and Roles Based Access Control (RBAC) strategies and integrations. Collaborate in the design, implementation, and support of the IAM technologies. Assist with the development, implementation, and support of RBAC. Ensure all evidence of authorization is documented and archived according to internal standards. Manage the permissions and entitlements. Business Rules - observing and responding to inflow of violations/exceptions that occur as part of the Business Rules Engine (BRE) controls Act as the subject matter expert for RBAC And Access Bundling. Troubleshoot security and workflow issues independently or in collaboration with other Information Systems teams and/or stakeholders, while adhering to internal service standards. Generate reports to perform in-depth analysis and data collection for issues associated with IAM. Requirements* Education* BE/BTECH/MCA/MSC (IT) equivalent (Any Technical Degree) Certifications (desired) ITIL, security+, MCP, CISA, CISM, CISSP, CAP Experience Range* 6+ Years Required skills* A minimum of 3+ years of experience in Identity and Access Management domain is required. Strong understanding of IAM architecture, technology, controls, and standards Strong understanding of InfoSec and Cybersecurity Strong quantitative, Analytical, data insight and problem-solving skills Ability to review and recommend new KPIs as part of process improvements Strong experience with RBAC, PBAC, ABAC, Run-time authorization models, their operations, and controls Access Bundling Strong knowledge of scripting language (SQL, R, Python, HTML, PowerShell, Json) Database knowledge Data visualization / ETL, SME in Tableau, Power BI, and Excel PivotTable Moderate knowledge of cloud-based identity and access management solutions such as AWS IAM, Azure AD, or Google Cloud Identity Ability to efficiently acquire and utilize new skills in response to change. Experience working in a team-oriented, collaborative environment. Desired skills Linux/Windows/LDAP+SQL/Knowledge of Policy as Code Experience in one of IAM policy, tools, and standards Good communication & presentation skills Able to prioritize and execute tasks in a fast-paced environment. Job timings : 10.30am to 7.30pm Work location : Mumbai
