Line Of Business Summary:
Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities, and operates a global security operations center that monitors, detects, and responds to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access across increasingly heterogeneous technology environments and to meet increasingly rigorous compliance requirements.
What you can expect in Identity & Access Management:
In today’s highly connected world, managing and securing the identity of users is essential to the safety and success of our workforce. The Identity & Access Management (IAM) team works within Global Information Services (GIS) and in close participation with all other LOB teams as well as second and third line of defense partners. This role is highly visible and requires frequent interaction with senior management and key stakeholders.
The Senior IAM Information Security Controls Lead will analyze, strengthen, and secure the company's IAM systems and overall risk posture for end user, application and privileged access management. The individual in this role will be a leader in the IAM innovation space, working with senior leaders to implement new technologies and frameworks. This role requires collaboration with technology peers to modernize the IAM ecosystem for securing evolving technologies and identities.
The role also applies knowledge of laws, rules, regulations, and information security frameworks (e.g., NIST, COBIT, ISO) to establish and maintain policies, validate alignment of processes and controls to requirements, report on adherence to policy requirements, and maintain governance programs related to IAM Standard controls. Expectations include leveraging data analytics, governance process management, and cross-functional partnerships to verify policy compliance, identify gaps, and support remediation activities.