Security Administration Analyst - Arab Banking Corporation

Job Purpose:

Identity and Access Management (IaM) is comprised of people process and technologies that enable the creation maintenance and use of a digital identity (i.e. people or things) to ensure that the right identities have access to the right resources (e.g. application services or data). Digital identities are not just for humans therefore IaM controls should manage the digital identities of devices computers applications and services. IaM controls allow IT and Information Security to manage approved digital identities authenticate them when they log in authorize them to access preapproved resources and manage those identifies throughout their lifecycle (e.g. Joiners Movers and Leavers). Therefore the impact and the benefit of IaM to the Bank is extensive.

The Security Administration Analyst will play a key role in the Identity and Access Management Team (IaM team) and maintain IT security solutions and controls for realtime event and alarm monitoring within the Bank. The role will involve monitoring and implementing security controls for Bank ABCs systems and networks across multiple physical and virtual environments including onpremises and Cloud.

Therefore the job holder will work proactively with various security staffs overseas business units third party service providers and other internal departments in Head Office to ensure the Bank meets its obligations and as applicable requirements are translated into IaM control practices.

The role is part of the whole cybersecurity organization team and as such the job holder will also support the strategic thinking and have the operational seriousness to run several security initiatives due diligence reviews and BAU process and other nonroutine assignments at the behest of the IaM leader and GCISO as and when necessary.

Principal Responsibilities Accountabilities and Deliverables of Role:

Core responsibilities:

• Initiate and develop Role Based access controls matrices.
• Involve and supervise IAM and PAM projects from start to finish including developing project plans coordinating resources and managing timelines.
• Be able to troubleshoot IAM and PAM issues and develop creative solutions to solve problems.
• Have a strong understanding of security concepts and how they apply to IAM and PAM process.
• Be able to research and stay up to date on IAM & PAM trends and best practices.
• Work effectively with other IT team members to ensure that access management solutions are integrated seamlessly into the overall IT infrastructure.

• Administer user accounts and access privileges in the organizations identity management system.
• Work closely with the IAM team to ensure that the right people have access to the right resources.
• Responsible for the daytoday administration of security administration and PAM system.
• Work with internal customers business analysts and application teams to understand access requirements.
• Maintain and update documentation as needed.
• Participate in audits and review access control reports to identify potential risks.
• Update and maintain the IAM and PAM system according to changes in the organizations business needs

Research & Development:

• Stay abreast of emerging changes new technology developments and security threats and factor into the banks existing and future.
• Help identify new ways to solve existing production security issues.

Engineering:

• Handson technically able to configure security solutions whilst following best practices
• Help develop design automated scripts procedures to enhance and automate security processes and administrative activities.

Designing:

• Identify and reuse security solutions and consider integration with other monitoring solutions to achieve the Bank Security monitoring strategy.

Implementation:

• Assisting with installation or processing of new security products and procedures.

Testing:

• Test final security solutions to ensure they behave as expected.
• Testing security solutions using industry standard analysis criteria to ensure its configured as per the approved configuration standard and baselines.

Training & Knowledge share:

• Key point of contact for technical knowledge within the solutions implemented or operated by the department.

Governance:

• Adhere to security policies when designing and implementing solutions
• Monitor issues / remediation activities to ensure gap closure to fulfil security control objectives and meet mandatory external requirements.

Architecture:

• Work in a team environment to educate and analyze security threats and alerts and help develop other activities for reviewing and monitoring mandatory security controls. Product Responsibilities:
• Configure and troubleshoot security infrastructure devices operated by the team.
• Support in monitoring and identifying gaps in policies procedures or implementation of solutions.

Other Duties:

• Reporting findings to management.
• Actively participate in the departments projects and support other sub processes.
• Perform ad hoc additional duties as required.

Knowledge:

• Hands on Knowledge on implementation and troubleshooting of :
• Leading IAM tools (One Identity CyberArk Okta Ping Identity etc.)
• Privilege Access Management solution (CyberArk BeyonCyber TPAM)
• Strong understanding of directory services (LDAP Active Directory etc.)
• Indepth knowledge of security protocols (SSH TLS etc.)
• Proficient in at least one scripting language (Python SQL etc.)
• Well versed with Azure and AWS security aspects

Education / Certifications:

• Must be B.E or BTech in Information Technology/ Computer Science/Electronics

Ideal to have at least the below certifications:

• MS Azure Certified
• ITIL V3 Certified
• PAM certified professional.

Experience:

• Minimum 5 years of handson experience in IT and Security related projects including implementation/ advisory and Trouble shooting and support.

Personal attributes:

• Great problemsolving skills to improve the system.
• Efficient in timemanagement as well as adhere to company policies and procedures and industry best practices.
• Optimistic
• Good Team Player
• Ability to grasp quickly
• Interpersonal communication skills Problemsolving and analysis skills Evaluation skills
• Presentation Skills