The role is split into two parts which perform the following range of responsibilities on a global basis:
The Design team are responsible for the following;
Design and Implementation of the access model for all new applications within Schroders
Engaging with Business, IT Project Managers, IT Risk, IT Support and 3rd parties on all projects
Completion of Support acceptance process for all access related activities
Compliance with ISAE3402 controls related to access control
Define and communicate the access design acceptance criteria for new applications
Manage the integration of new and updated applications into access control
Management of Audit issues relating to access control
Management of IT privileged access to defined standards.
Implementation The implementation team are responsible for the following:
Management of the Access control work queues.
The team currently process around 2,500 RBAC requests and 300 Remedy tickets per month. Access is provisioned by the team for:
- over 150 Applications
- Databases (liaising with both SQL and Oracle DBAs)
- File Shares (both creation and provisioning of folders, shares and resource groups)
- Wintel Servers
- Unix Servers (through liaison with Unix Team)
- Active Directory (including new Joiners/Leavers)
- Resolution of escalated access related issues (via Remedy, Email or phone)
- Management of remote access licences and tokens
- MI Reporting
- Maintenance of Archer access control related information
Governance The team also perform the following tasks:
Review of daily permission breach reports
Review and approval of all IT privileged access request
Resolution of audit issues and maintenance of evidence for regulatory audits
The Global Access Deign & Implementation team are also required to:
Liaise with Information Security Controls Manager to ensure protection of high risk assets such as employee personal data, client data and high availability unstructured data such as UDTs through appropriately designed access models
Maintain knowledge of advances in the fields of access control, security awareness and related topics in the Information Security industry
To be successful in this role, you should possess the following requisites:
Degree graduate in Computer Science or any other relevant disciplines
At least 3-5 years of experience in access design and implementation
Strong analytical, problem-solving and synthesizing skills
A track record of strong partnering with teams in global location
Passionate about solving problems and driving access design in a collaborative way.
A desire to excel in their day to day activities and through continuous improvement to processes and the service provided by the team
Strong stakeholder engagement skills, with the ability to connect and communicate at all levels across the Group.
Excellent reporting skills, including the ability to simplify complex system configuration into a clearly defined access design model.
Knowledge of current standards and external control objectives to ensure the Global access design model is compliant with all regulatory and audit controls.
Organised with a flexible approach to tasks and working hours