Identity and Access Management

Hello;

Title: IAM Consultant

Location is Chicago IL

Long term

1. Exposure to Banking/Financial domain

2. Exposure to SDLC and some level of technical background ( such as Linux Windows and Database concepts )

3. Should have some experience and knowledge with the IAM Domain Privileged Access Management Active Directory

4. Vaulting tools and break glass

5. Incident management vulnerabilities management BCP and databackups

6. Some experience with Issue Management SelfIdentified and Audit Identified.

7. Some knowledge of the 3 lines of defense which are they and how these related to risk management

8. Exposure to Audit Compliance and Risk Organizations

Perhaps a tall order not all are required and we can fine tune during the interviews.

Kindly let us know how we can coordinate the next steps such as reviewing resumes and setting up video interviews.

We will provide which members are available to interview when and in what order.

Position Summary:

The role is to carry out periodic control assessments for Global Markets Payment Applications across GMOT and GMT.

Controls to be assessed could include Inappropriate Access Reviews Inappropriate Secondary Approver Toxic Combinations Segregation of Duties Fraud analysis Logging & Monitoring Entitlement Quality.

Key tasks to include:

1. Collect the input information required for control assessments from enterprise teams like IAM GIS MAPS etc.

2. Send out request to application teams for carrying out control assessments.

3. Gather evidences of control assessments from application teams.

4. Review the evidences collected. Reach out to relevant enterprise team or SME to ensure that the evidences are complete and correct. If not get the rationale for the gap. If gap requires to bridged then facilitate enterprise risk management processes (SIAI or JDI or appropriate risk management).

5. Follow up where evidence is not fit for purpose.

6. Follow up & escalate where delay in delivery of evidences are identified.

7. Address queries from application teams.

8. Periodic reporting of the progress & exceptions in the scheduled Payment related calls.

9. Store the evidences collected in evidence repository.

10. Create documentations like process document play books FAQs etc.

11. Transfer the current process of collecting the evidences to RISE & TRIDENT.

12. Manage changes and exceptions with appropriate approvals and documentations

Required Skills:

Strong interpersonal communication (oral and written) and presentation skills

Ability to welldocument their testing work and provide independent conclusion.

Cyber and IT general controls (including validation of Identity and access management controls Inappropriate Access Reviews Fraud analysis; Toxic Combinations; Separation of Duties; Inappropriate Secondary Approver Logging & Monitoring Entitlement Quality)

Problem solving analytical and organizational skills

Microsoft Office (Excel PowerPoint)

Desired Skills:

5 yrs. of Business and Technology experience.

Ability to drive timely decisions knowing when to engage others for additional input and when to act independently

Influence decisions and outcomes through effective communication

Extremely organized/excellent time management skills with ability to manage competing priorities