Business Area Overview
ISPL provides centralised services to BNP Paribas globally.
The Identity Access Management (IAM) - Controls team ensures proper IT Security access control for application user accounts. Team ensures controlled access of IT resources such as application accounts, domain accounts, and account privileges to employees.
Overall Job Purpose
The IAM - CONTROLS team supports the local security teams responsible for auditing applications and shared accesses, IT Security breach reporting and several other control functions. The team liaise with governance body and key stakeholders to understand the requirements and to implement control function.
Key Responsibilities and approximates time split (%) (ideally 4-10 points)
Enforces the BNP Paribas global access right management policy
Perform critical access control process, identify control weakness and highlight to management to mitigate the risk.
Ensure documentation of access control functional process and procedures.
Active participation in process improvement and procedure change to enhance risk & security management functionality.
Assist in audit preparation activities and audit action deliverables.
Produces / Requests reports and escalates based on information gathered
Approves on-boarding and approval workflow of IT application in access control tool
Prepare dashboards on Access Control functions
Prepare reports for adhoc projects and task.
Report on compliance of provisioning workflow
Ensures processes and procedures remain effective
Maintains a change management record for the access control tool application
Monitor Leavers and mover with BNPP perimeter
Consult with users for daily access control operational tasks / questions
Operates IT Security access control procedures in accordance with the global security and local regulation requirements
Investigation and report of security incidents related to access control to management
Provide monthly user/system accounts reports to management
MIS reporting as required using Business Objects & Excel.
Essential Experience (in order of importance)
Awareness of User Access Management principles
Strong understanding of controls in an Identity and Access Management - CONTROLS environment
Competent in Excel to build / develop spreadsheets and analyse data
Familiarity with the reporting tools such as Business Objects for creating reports
Essential Skills/ Competencies
Good verbal and written communication skills
· Strong problem solving skills with attention to detail
· Ownership of tasks / issues
· Good reporting and monitoring skills
Service delivery focused (Must be able to handle customers in a confident, positive and responsive manner)
· Client focused with can do attitude
· Good interpersonal skills
· Must demonstrate ethical responsibility, maturity, and discretion
· Ability to multi-task
· Effective time and priority Management
· Ability to work autonomously as well as in a team
· Proactive approach towards work
· Work off his / her own initiative
· Technical proficiency in Basic Unix/Linux, Windows NT/2000/XP operating Systems, Mainframe; Internet web services; Sybase, Oracle and other relational Database Systems; Active directory
· Scripting skills preferred
· Good understanding of financial industry and operating environment is an advantage
Should be a graduate at least