Identity and Access Management (IAM) Specialist (Full-Time)

Job description

Identity and Access Management (IAM) Specialist (Full-Time)

Your challenge

• Support the transition of IAM into a mature 2LoD governance function by defining challenge mechanisms, monitoring frameworks, and escalation practices. Contribute to the continuous improvement of IAM monitoring and control effectiveness.
• Develop and refine the IAM governance framework and support the evolution of the enterprise-wide IAM operating model as responsibilities shift to the first line.
• Provide independent challenges to ensure that policies, standards, and the operating model are risk-appropriate, effective, and aligned with the bank’s international context.
• Evaluate the effectiveness of the 1LoD-IAM implementation and identify necessary organizational, procedural, and IT adjustments.
• Ensure alignment with the IAM policy and architecture.
• Provide monitoring of the business role catalog, business contexts, and business-to-IT mappings.
• Challenges related to decisions made by the 1LoD to ensure consistency, least-privilege design, and compliance with governance and regulatory requirements.
• Provide governance and compliance consulting for new business units, organizational changes, and strategic initiatives. Ensure that IAM requirements and policies are appropriately integrated into 1LoD planning and implementation.
• Monitor the effectiveness of business role instance assignment processes and address unusual or high-risk access scenarios. Monitor key IAM control indicators, track 1LoD remediation activities, and strengthen quality criteria without assuming operational responsibilities.
• Conduct IAM risk assessments, compliance monitoring, and governance audits. Validate policy exceptions and monitor separation of duties (SoD) management. Monitor IAM-related certification campaigns and support audits with detailed evidence and insights.

Requirements

• Align business models with IAM governance requirements.
• Solid expertise in IAM governance and access control concepts such as ABAC, segregation of duties, business roles, and identity lifecycle risks, ideally within the financial industry.
• Experience in risk management, compliance, information security, or IT controls, with the ability to serve as a clear second line of defense and to independently challenge first-line-of-defense decisions and controls.
• Strong knowledge of regulatory requirements related to identity and access governance, operational risks, and IT controls in the banking sector.
• Excellent communication and stakeholder management skills that enable effective collaboration and influence across business, IT, and control functions in an international environment.
• The ability to thrive in a changing environment is key to building a mature IAM