Responsibilities
* Deploy and configure IDAM solutions (e.g., CyberArk, BeyondTrust, Delinea) across enterprise environments.
* Integrate IDAM controls with identity management, authentication, and security monitoring systems.
* Develop and maintain secure workflows for privileged account provisioning and de-provisioning.
* Manage vaulting, credential rotation, session monitoring, and access policies.
* Monitor PAM alerts and logs, investigate anomalies, and coordinate remediation.
* Enforce least privilege principles and access governance.
* Manage IDAM key controls to ensure that the Bank is effectively managing access to sensitive data.
* Support audits by providing evidence of PAM controls and compliance with frameworks (ISO 27001, NIST, GDPR).
* Identify and mitigate risks related to access misuse.
* Stay updated on IDAM best practices, emerging threats, and new technologies.
* Automate processes to improve efficiency and reduce manual intervention.
* Collaborate with SOC and IAM teams to enhance detection and response capabilities.
Qualifications
* Hands-on experience with IDAM/PAM tools and integration with SIEM/SOC workflows.
* Excellent analytical, problem-solving, and communication skills.
* Ability to support investigations and coordinate with cross-functional teams.
* Experience defining relevant metrics and reporting for governance meetings.
* Hands-on experience with PAM platforms (CyberArk, BeyondTrust, Delinea, SailPoint etc.). Experience of implementing IDAM controls within a financial services firm.
* Strong understanding of identity and access management principles.
* Familiarity with scripting (PowerShell, Python) for automation.
* Experience of managing access provisioning and recertification processes
* Excellent troubleshooting and problem-solving skills.
* Familiarity with directory services (e.g., Active Directory), single sign-on (SSO), multi-factor authentication (MFA), and role-based access control (RBAC).
* Strong understanding of regulatory compliance (e.g. FCA/PRA rules) and identity and access management principles.
* Knowledge of Windows, Linux, Active Directory, and cloud environments (Azure, AWS).
* Recognised industry qualification e.g. CISSP, CISMP, CCSP, CISM.
#J-18808-Ljbffr