Manager, Identity and Access Management

Location: Head Office

Position: Manager, Identity and Access Management

Deadline: May 31, 2023

Apply Now

Duties & Responsibilities

  • Understand the Bank’s requirement and environment and then designs and develops the overall Identity & Access Management Governance and Regulatory Framework which follows the best practice frameworks of local regulatory or international.
  • To develop and maintain technical of access control policies, manuals, guidelines in order to promote compliance in line with regulator/corporate policies and local procedures and legal and international security standards (e.g. NBC Technology Risk Guideline, NIST framework and ISO27001 etc.).
  • Establishes, advises, and coordinates user’s Identity & Access Management compliance framework with IT relevant teams.
  • Develops and implements Identity & Access Management Standards in line with internal policies and global frameworks by working with and managing senior stakeholders.
  • Identifies roles for staff, processes, and technologies required for trusted identification, authentication, and authorization within the Trusted Identity systems.
  • Study and consider to on-board the system solution tool for Privileged Access Management.
  • Defining the user role access matrix and quarterly review for compliance report.
  • Enabling the user activity logs or audit trail and monthly reviewing for compliance report.
  • Improving the IT service of user request for creating user account on the system.
  • Periodically reviewing report for the active user, in-active user, staff resign/movement, staff prolong leave, officer in-charge (OiC), new staff join, terminated staff, and user request.
  • Defining dual control password for super ID account of the WBC’ systems.
  • Develop and lead training and awareness sessions with the relevant IT Teams to promote a culture of security, privacy and advice business and sector leads to understand how Identity & Access Management requirements affect their area.
  • Induction the Identity and Access management policies, manuals and guidelines to new on-board IT staffs in order to aware them of their responsibilities.
  • Monitor and maintain the corrective practical of user creation, deletion, modification request and approve.
  • Review and analyze new products and services, including online and mobile applications, to meet Identity & Access Management requirements.
  • Provide the supporting the required documents from HQ, internal and external audit, SWIFT, PCI-DSS, NBC, etc.
  • Implementation of the finding points for improving the IT Security controls based on the findings recommendation.
  • Update report properly about the status of the finding implementation to the IT management.
  • Raise or propose for any concerns the missing controls to the IT Management for further action.
  • Develop the team’s expertise and professionalism.
  • Build self-capacity through on-going learning and development.
  • Ensure on time implementation of PDM performance development, coaching and annual appraisal.
  • Build and maintain relationship with staff, supervisors and other stakeholders.

Requirement Competencies

  • Relevant IT qualification to Computer Science or Information Technology.
  • At least 4 years of information security experiences or IT audit.
  • Proven experience of developing, submitting IT audit, and compliance report to governing bodies, legal and/or external authorities.
  • Experience with common information security management frameworks, such as International Standards Organisation (ISO) 27001, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
  • Proven experience in the implementation and monitoring of service performance KPIs, performance metrics, service standards and agreements.
  • Experience of implementing and managing PCI-DSS compliance.
  • Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
  • Demonstrate experience of designing, developing and implementing information security policies within an overall Information Management strategy.
  • Effective interpersonal and communication skills, both written and verbal, and the ability to explain complex issues relating to information security at a variety of levels to technical and non-technical audiences.

Benefit Packages

We offer competitive remuneration package and opportunity for career and personal development.

How to Apply

Phone: 087 666 870

Head Office Address: Building #398, Preah Monivong Blvd, Sangkat Boeung Keng Kang I, Boeung Keng Kang, Phnom Penh.