Identity Protection Manager

This job is with WTW, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.

Description

The Role

• This role will support Governance, Risk and Compliance responsibilities within WTW and includes activities such as;

Provide oversight and input to IAM processes undertaken across WTW including access recertification, privileged access, JML, policies / standards and risk process ensuring alignment with the internal Information and Cyber Security framework.

Assist the IAM Leads in developing the Identity Control Framework by continually researching new technologies, processes and practices contributing to the long-term Identity strategy within WTW.

Manage key audit requests from both internal and external auditors to provide regulatory evidence to support SOX, SOC2, HIPPA etc.

Perform as a subject matter expert within IAM covering all aspects of the Identity Security

Support solution development through problem solving to ensure adherence to Security Controls, Policies and Standards with a focus on automation and control.

Derive themes from identified gaps and recommend appropriate remediation measures to mitigate risk associated with gaps.

Work closely with senior leadership to identify improvement opportunities to enhance existing controls.

Manage the end-to-end audit lifecycle and Own Management Action Plans

Govern IAM documentation : design, maintain, and continuously improve policies, SOPs, and compliance dashboards.

Qualifications

The Requirement :

Knowledge and understanding of Information Security Frameworks and standards (FFIEC, NIST, ISO etc)

Knowledge and understanding of Regulatory Risk and Compliance policies and programs

Experience of Cloud technology and Identity solutions and practices

Ability to work as part of a team

Knowledge of IAM controls and how to implement them effectively such as; toxic combinations, segregation of duties, lead privileged and zero trust

Ability to deliver change through people

Excellent Communication skills, especially written English

Strong Stakeholder management and ability to influence business and IT leadership.

The ability to foster and grow relationships.

Knowledge of SOx / SOC2 requirements for Privileged Access Monitoring and Access Governance Controls.

Experience of working in a live operational environment with an understanding of the impact of policy adherence is desirable.

]]>