Reporting line- Manager; Service Delivery
Performing operation activities in Logical Access Management (i.e, creation of user IDs, assigning access rights to system users, resetting user passwords, activating, and disabling user IDs, etc) in accordance with the established policies, processes, and procedures.
- Perform Logical Access Management tasks (creation of new user IDs, assigning access rights to users, resetting users’ passwords, activating user IDs, disabling user IDs, etc) in accordance with relevant Logical Access Management processes and procedures.
- Ensure Logical Access Management requests have proper approvals before addressing them.
- Communicate feedback to users in case there is any delay in addressing their requests.
- Ensure that password and any other sensitive information related to user login credentials is communicated to the right people.
- Track the status of any request initiated by anyone in the Service Management tool.
- Generate and/or prepare user profiles reports that detail their access rights for different systems
- Forward user profiles report to business units for their reviews within agreed timelines.
- Forward exceptions picked during the user access reviews including access rights that violate the segregation of duties (SoD) principle.
- Document user access reviews and ensure signed-off review sheets are properly filed for future reference.
- Continually devise ways of improving processes and procedures around reviews of user access
- Provide information related to user access rights issues as requested by auditors.
- Address audit and Management Assurance findings by performing actions under area of responsibility.
- Ensure controls defined in the audit finding closures or management assurance reports related to the area of responsibility are embedded in daily operations.
- Get daily reports of leavers and transfers from the ICT Governance Team
- Disable all user IDs of leavers and transfers as necessary.
- Disable user IDs of interdicted members of staff immediately upon receiving interdiction notice from HR or any other reliable sources (e.g., the line manager of the interdicted staff members).
- Ensure all Logical Access Management requests from the Service Management tool are properly filled and approved by relevant authorities to ensure easy reference and retrieval in future.
- Ensure any deviation from normal processes and procedures gets prior approval from relevant authorities and evidence for that is kept for future reference should such need arise.
- Managing calls, emails and tickets raised by users regarding ICT service requests, incidents and queries are properly assigned and tracked towards the resolution
- Perform any duty as assigned by the Manager/Supervisor.
Experience, Knowledge and Skills Requirements
- Bachelor’s degree in Information Technology, Computer Science or any other equivalent and relevant qualification from an accredited institution.
- Minimum of 3 years experience in a banking IT environment and with a must-have exposure, knowledge and understanding of ITIL processes.
- A certificate in IT security or Information Systems Audit e.g. CISSP, Security+ etc. is an added advantage.