Develop and implement strategies for effective identity management across all digital platforms and systems.
Ensure compliance of user access rights, roles, and permissions based on the principle of least privilege.
Conduct regular reviews and audits of access controls to ensure compliance with ICOFR and SOX requirements.
Maintain access control mechanisms and procedures aligned with ICOFR and SOX standards.
Monitor access logs and investigate any unauthorized access or violations of access policies.
Respond promptly to access-related incidents and coordinate with incident response teams for resolution.
Ensure adherence to ICOFR and SOX regulations related to identity and access management practices.
Conduct assessments and audits to validate compliance with internal controls and regulatory requirements.
Prepare and maintain documentation, including compliance reports and evidence of control effectiveness.
Develop, update, and enforce policies, procedures, and guidelines for identity and access management in accordance with ICOFR and SOX.
Conduct training sessions and awareness programs for employees on access control policies and compliance requirements.
Evaluate new identity and access management technologies and tools to enhance compliance and security posture.
Lead or participate in projects to implement IAM solutions that meet ICOFR and SOX requirements effectively.
Collaborate closely with IT teams, compliance officers, and business units to align IAM practices with organizational goals and compliance objectives.
Communicate effectively with stakeholders at all levels to address IAM-related issues, provide guidance, and ensure understanding of compliance requirements.
Skills and Experience
bachelors degree in Information Technology, Computer Science, or a related field (or equivalent experience).
10 to 12 years of proven experience in identity and access management, with a strong focus on ICOFR and SOX compliance.
Deep understanding of ICOFR and SOX regulations and their application to IAM practices.
Hands-on experience with IAM tools and technologies (eg, Active Directory, Azure AD, IAM suites).
Clear and focused ability to demonstrate the compliance requirements through the use of modern tools like Sailpoint and/or Saviynt.
Familiarity with audit processes and ability to conduct assessments and audits related to IAM controls.
Strong analytical and problem-solving skills with meticulous attention to detail.
Excellent communication skills to articulate complex technical concepts to non-technical stakeholders effectively.
Relevant certifications such as CISSP, CISM, CISA, or similar are highly desirable.
Methodical and detail-oriented approach to work.
Ability to work independently and collaboratively within a team environment.
Commitment to maintaining high ethical standards and data confidentiality.
Adaptability to evolving technologies and regulatory requirements.
