Access management SecDevOps - Analyst

To be successful as a " Access management SecDevOps - Analyst", you should have experience with:

Basic/ Essential Qualifications:

• Analyse 2FA processes, controls and systems to identify areas for improvement.

• Develop and implement process improvements, automate solutions and system enhancements for 2FA.

• Collaborate with stakeholders to gather requirements, define solutions and test implementations.

• Evaluate and recommend 2FA solutions including various 2FA applications and technologies

• Identify and mitigate security risks related to 2FA ensuring compliance with regulatory requirements.

• Maintain and continuously improve 2FA controls, ensuring their effectiveness and efficiency.

• Conduct regular audits and reviews of 2FA controls to ensure compliance and identify areas for improvement

• Develop and maintain documentation for 2FA processes, controls and procedures.

• Provide training and support to stakeholders on 2FA solutions and best practices.

• Report to management on initiatives, progress and issues, providing insights and recommendations for improvement

• Work with cross-functional teams, including IT, security and business stakeholders to drive implementation and adoption of 2FA solutions.

• Minimum Qualification - bachelor s degree.

Desirable skillsets/ good to have:

• Knowledge of various 2FA applications and technologies e. g. Google Authenticator, Microsoft Authenticator, RSA

• High-level understanding of database management systems including MS SQL and Oracle.

• Proficiency in writing SQL queries and reporting.

• Advanced Excel skills including pivoting, data analysis and visualization.

• Familiarity with data analytics and reporting tools.

• Understanding of identity and access management (IAM) principles and technologies.

• Risk assessment and mitigation methodologies for 2FA and IAM solutions.

• Knowledge of multi-factor authentication solutions including RSA SecurID, Duo Security, YubiKey, Silverfort MFA and other MFA solutions.

• Understanding of authentication protocols such as OAuth, SAML and OpenID Connect.

• Familiarity with adaptive authentication and behavioural biometrics.

• Strong business analysis skills including requirement gathering, business case development and solution justification.

• Understanding of change management principles and strategies to drive user adoption of 2FA solutions.

• Experience with solution implementation planning including, Business requirements definition, solution integration planning, user acceptance testing (UAT) planning and execution, change management and training planning, and solution deployment and rollout planning

• High level understanding of information security frameworks and standards e. g. NIST Cybersecurity Framework.

This role will be based out of Pune.

Purpose of the role

To manage and implement Identity and Access Management (IAM) policies, processes, technologies and standards for all IAM functions to ensure the secure access and use of sensitive information across the organisation.

Accountabilities

• Collaboration with stakeholders and IT teams to understand, analyse and implement IAM solutions into the banks process and infrastructure needs including authentication, authorisation, access management and single sign-on capabilities.
• Management and development of policies, processes and standards for all essential IAM functions aligned to the banks security and regulatory requirements.
• Execution of IAM audits to monitor processes and ensure that they comply with policies and regulations and identify potential security risks.
• Execution of incident investigations to respond to IAM related security events, identify the root cause of the incident and implement corrective measures efficiently.
• Identification of emerging IAM technologies and industry trends by collaborating with networks and conferences to gain IAM expertise and best practice.
• Development of IAM governance documents and reports to align the implementation and adherence of policies across the organisation.

Analyst Expectations

• To perform prescribed activities in a timely manner and to a high standard consistently driving continuous improvement.
• Requires in-depth technical knowledge and experience in their assigned area of expertise
• Thorough understanding of the underlying principles and concepts within the area of expertise
• They lead and supervise a team, guiding and supporting professional development, allocating work requirements and coordinating team resources.
• If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others.
• OR for an individual contributor, they develop technical expertise in work area, acting as an advisor where appropriate.
• Will have an impact on the work of related teams within the area.
• Partner with other functions and business areas.
• Takes responsibility for end results of a team s operational processing and activities.
• Escalate breaches of policies / procedure appropriately.
• Take responsibility for embedding new policies/ procedures adopted due to risk mitigation.
• Advise and influence decision making within own area of expertise.
• Take ownership for managing risk and strengthening controls in relation to the work you own or contribute to. Deliver your work and areas of responsibility in line with relevant rules, regulation and codes of conduct.
• Maintain and continually build an understanding of how own sub-function integrates with function, alongside knowledge of the organisations products, services and processes within the function.
• Demonstrate understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function.
• Make evaluative judgements based on the analysis of factual information, paying attention to detail.
• Resolve problems by identifying and selecting solutions through the application of acquired technical experience and will be guided by precedents.
• Guide and persuade team members and communicate complex / sensitive information.
• Act as contact point for stakeholders outside of the immediate function, while building a network of contacts outside team and external to the organisation.