We’re accepting applications for the position of Cyber Security Identity and Access Management (IAM) Specialist. The Specialist will be ensuring that the right individuals have access to technology systems and take responsibility for developing and implementing identity and access management systems, reviewing user access rights, and maintaining access policies.
Duties and Responsibilities:
- Designing, implementing, and maintaining IAM systems by developing strategies and frameworks for managing digital identities and access permissions
- Analysing user access requirements by creating and enforcing access policies based on user roles and responsibilities
- Performing regular audits to ensure security protocols are not being breached and user access rights are correctly assigned
- Monitoring and auditing user access rights by detecting unauthorised changes or inconsistencies
- Integrating new technologies by working with IT teams to incorporate new tools and technologies into the IAM framework
- Ensuring compliance with relevant laws, regulations, and policies related to user access
- Providing training, developing, and delivering training on IAM procedures across the organisation
- Investigating incidents, reporting, and resolving any identity and access-related incidents or breaches
- Staying updated and keeping abreast of the latest trends and advancements in IAM, including potential security threats
- Acting as a Single Point of Contact (SPOC) in Cyber Security for one African market and backup SPOC for another, assisting with remediation of vulnerabilities, patching, and systems hardening
- Maintaining and supporting various cybersecurity systems, including Firewalls, WAF, Antivirus, Logging Solutions, Network and Host IDS/IPS
- Troubleshooting and remediating Level 1/2/3 issues impacting cybersecurity operations
- Facilitating implementation, management, and optimisation of Cyber Security policies, standards, and procedures
- Providing support for cyber incident detection and response
- Driving standards of excellence to achieve the Cyber Security strategy
- Implementing actions to close MPA risks, audits, and reviews (internal and external)
- Improving the Cyber Security posture of the company through various initiatives, including Cyber Security Baselines
- Optimising the Operational & Monitoring Cyber Security Baselines (CSB) controls across all relevant business areas and processes associated with IAM and PAM Security
- Designing and implementing effective Identity and Access Management security measures to protect data, software, and hardware
- Monitoring and responding to user activity and security breaches
- Conducting regular security audits and vulnerability assessments for IAM technologies
- Developing and enforcing security policies and procedures
- Collaborating with IT and other departments to ensure comprehensive security measures
- Staying updated with the latest security trends, threats, and technology solutions
- Providing training and knowledge sharing to staff on network security practices
- Supporting all internal and external audits around technology systems and processes, ensuring these systems are free from known technology audit findings and all audit findings are closed within agreed timelines
Minimum Requirements:
- Degree in Electrical Engineering, Computer Science, IT or equivalent
- Proven experience in IAM, including knowledge of Active Directory, Azure AD, etc.
- Familiarity with SAML, OAuth, OpenID Connect and other protocols
- At least one professional Security Qualification – CompTIA Security+/CCNA Security
- At least 3 years of work and proven experience in PAM domain tools in terms of architecture and design, integration, implementation, maintenance, troubleshooting, stakeholder management, company wide project management
- Knowledge of CyberArk and Centrify systems hardening baselines
- Demonstrated ability to work effectively with 3rd party suppliers and internal stakeholders
- Strong analytical, problem-solving, and communication skills
- Good communication skills and team player
- Proactive approach to staying ahead of potential security threats