Identity/ Access Management at Equity Bank Kenya

Job Responsibilities/ Accountabilities:

Architecture:

• Provide guidance on automation of user account and identity life cycle management, including creating, provisioning, securing, and inactivation of access, entitlements and or identities.
• Shall participate in projects and production support operations focused on implementing Identity and
• Access Management (IAM) integrations and Roles Based Access Control (RBAC) strategies and integrations.
• Collaborate in the design, implementation, and support of the IAM technologies.
• Participate in projects to ensure standard processes and procedures are implemented when rolling out new provisioning and role management points.
• Plan, build, test, manage, and update security for the protection of and access to Equity’s assets.
• Assist with the development, implementation, and support of RBAC.
• Ensure all evidence of authorization is engineered for documentation and archival purposes in accordance with internal standards.
• Manage directory account permissions via RBAC.
• Act as the subject matter expert for Identity Governance and RBAC.
• For systems and software applications in scope for IAM Team, reconcile discrepancies between access rights assigned and access rights required for users to perform job duties.
• Assist Access Control Administrators in troubleshooting issues with IAM tools and processes.
• Assist with application upgrades, evaluation of new technology, settings, and functionality.
• Troubleshoot security and workflow issues independently or in collaboration with other Information
• Systems teams and/or stakeholders, while adhering to internal service standards.
• Enforce organizational policies and procedures to ensure only authorized personnel have access to information in compliance with the Minimum Necessary Rules.
• Participate in ongoing auditing and risk assessments, and implementation of audit recommendations.
• Develop system access and security implementation plans derived from operational customer needs and requests.
• Develop and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support, and other Information Security teams as needed.
• Generate reports to perform in-depth analysis and data collection for issues associated with IAM.
• Support with the roadmap on optimization and enrolment of Multifactor Authentication (MFA), Single Sign-on (SSO), Biometric devices, and Mobile Device Management (MDM).
• Assist in efficiency improvements by recommending process changes as well as developing solutions to automate and orchestrate repeatable tasks for IAM.

Strategy:

• Excellent understanding of Directory Services and Identity and Access Management technology.
• Ability to develop workflows and documentation related to identity and access management.
• Understand and interpret Application Programming Interfaces (APIs).

Qualifications

Knowledge and Experience:

•  A Degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or similar area of study.
• Relevant industry certifications in information security program such as CISSP, CompTIA Security+, CISM will be an added advantage.
• Relevant Identity and Access Management OEM certifications will be an added advantage.
• Excellent understanding of Directory Services and Identity & Access Management technology such Cyber Ark, Sailpoint, Okta, Active Directory, Entra ID, etc.
• Excellent understanding of Single Sign-On, SAML, Auth 2.0 etc.
• Understands Cloud computing and relative technologies.
• Outstanding experience around Authentication and authorization on Windows, Linux, MAC and other applicable operating systems.
• Outstanding experience with identities, entitlements and accounts around technology stacks such as:
• Middleware, Databases, distinct Application types.
• 5+ years relevant work and software experience: Active Directory, Microsoft O365, ServiceNow or
• Identity and Access management applications.
• Good understanding ISO27001 and PCI-DSS certification
• Experience of identifying and managing technology security risk around identities, entitlements, authentication and authorization.