|Posting End Date
Purpose of Job
The post holder is responsible for overseeing the creation, amendment and deletion of all User and Service accounts within the corporate network.
The role will work closely with the internal capabilities and outsourced service providers to ensure that accounts are correct provisioned, maintain the correct level of access, including raised privileges and are removed in accordance with Bank procedures. This role is the EBRD representative for all operational and internal control risk related items.
Accountabilities & Responsibilties
- Responsible for IAM Incident response, including the definition of EBRD policy and process.
- Ensuring that all account creation follows the appropriate IT Security Standards
- Review of all privileged accounts to ensure access is relevant to the designated role
- Ensure that all EBRD Security Polices and procedures are adhered to with regard to the creation, amendment and deletions of user and service accounts
- Ensure accounts within Azure AD and On-Premise AD are correctly aligned
- Ensuring that 3rd party access is appropriate, assigned on a “Least Access” basis and conforms to the necessary IT Security Standards
- Overseeing the day-to-day IAM function provided by the outsource provider through daily calls and regular communications
- Responsible for working with the Infrastructure and Operations technical teams responsible for the support and maintenance of all IAM related Infrastructure and applications
- Development of clear and concise operational reporting suitable to be presented to Senior IT Management. This includes submissions of regular Key Risk Indicator reports that can be used to prioritise IAM activities
- Ensure findings are discussed with the Principle, Identity and Behaviour Analytics and are fed into projects improving the banks overall IT IAM posture
- Assist in coordinating responses to Internal Audit recommendations to ensure that audit observations related to IAM are appropriately managed
- Oversee and manage the relevant change/incident/problem/etc. processes applicable for IAM services and making sure IT processes are followed
- Ensures IAM related incidents are logged, escalated and responded in line with SLAs defined for Operational services
- Monitor Operations service provider and identify any areas of improvements by producing relevant KPIs and metrics. Report with recommendations on how to improve services to Principle, Identity and Behaviour Analytics
- Provide the initial point of contact for IAM related incidents and ensure appropriate escalation as and when required
- Attend Operations service review meetings with the service provider as and where appropriate
- Build and maintain a positive working relationship with the IT Capabilities and 3rd party service providers
Knowledge, Skills, Experience & Qualifications
- Educated to honours degree level and/or a relevant and recognised Professional level IT Security accreditation.
- Detailed working knowledge of ITIL framework
- Detailed working knowledge of IT Security frameworks such as ISO27001
- Proven ability to accurately take decisive action based on available information in a timely manner
- In-depth knowledge of technical solutions covering areas such as Active Directory, Azure AD, Privilege assignment, AD Group management and their core functionalities
- Familiarity with assigning and managing basic Role-Based Access Control “RBAC” roles
- Familiarity with assigning access based upon a Zero Trust requirement
- Familiarity with Single Sign On solutions
- A fundamental understanding of Azure services and cloud concepts
- Basic understanding of Azure Security Center for monitoring and recommendations
- Ability to create and maintain documentation for the IAM processes and configurations
- A willingness to learn and adapt to new Azure IAM security features and best practices
- Experience of coordinating and supporting incident handling and remediation
- Extensive experience in IAM Operations, ideally within the Financial Services sector
- Broad understanding of corporate IT infrastructures and technologies
- Experience of successfully working under pressure to challenging deadlines
- Practical experience of computer operating systems such as MS Windows, UNIX/Linux
- Ability to quickly get to the root cause of issues
- A need to be organised, efficient and able to work unsupervised under your own direction
- Experience of ServiceNow
- Experience of AD Audit tools, such as Microsoft Identity Protection, Netwrix
- Good working knowledge and understanding of (with particular emphasis on IAM aspects) in the following areas: Microsoft On-Prem AD, Azure AD, W2K16 & W2K19, Windows 10 & 11, HP UX, RedHat Linux, Oracle & MS-SQL
- Introductory skills in PowerShell or other scripting languages for simple IAM tasks
- Awareness of MFA setup and usage
- Familiarity with assigning and managing and monitoring PIM roles in Azure
- Familiarity of Password Management solutions such as BeyondTrust
- Ability to operate sensitively and effectively in a multicultural environment
- Ability to communicate effectively to a wide variety of audiences both within and outside of EBRD
- Ability to handle pressure and work to challenging deadlines
- Ability to work both independently and as part of a team
- Good team player with strong interpersonal and diplomatic skills
- Fluency in oral and written English is essential
- Good organisational and multi-tasking skills
What is it like to work at the EBRD?
Our agile and innovative approach is what makes life at the EBRD a unique experience! You will be part of a pioneering and diverse international organisation, and use your talents to make a real difference to people’s lives and help shape the future of the regions we invest in.
The EBRD environment provides you with:
- Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in;
- A working culture that embraces inclusion and celebrates diversity;
- An environment that places sustainability, equality and digital transformation at the heart of what we do.
Diversity is one of the Bank’s core values which are at the heart of everything it does. A diverse workforce with the right knowledge and skills enables connection with our clients, brings pioneering ideas, energy and innovation. The EBRD staff is characterised by its rich diversity of nationalities, cultures and opinions and we aim to sustain and build on this strength. As such, the EBRD seeks to ensure that everyone is treated with respect and given equal opportunities and works in an inclusive environment. The EBRD encourages all qualified candidates who are nationals of the EBRD member countries to apply regardless of their racial, ethnic, religious and cultural background, gender, sexual orientation or disabilities. As an inclusive employer, we promote flexible working and expecting our employee to attend the office 50% of their working time.