Apply now »

Information Security Specialist (Team Leader) - Identity and Access Management (IAM)

128330

Job Description

The Information Security Specialist’s role is to support the organization’s identity and access management (IAM) program & services for APAC region with collaboration with other global regions. Candidates will need to be analytical, ethical, reflect professional attitude & passionate for learning.

  • Administer & supervise users, accounts, and access privileges in the organization’s identity management system to ensure that the right subjects have access to the right resources with set rules.
  • Responsible for supervision administration of IAM system & PAM requests.
  • Involved in identifying, troubleshooting, and resolving IAM & PAM issues.
  • Lead and run IAM initiatives, projects, and delivery as per agreed timeline.
  • Work with internal customers, business analysts, application teams, Information Technology and other Support Vendors to understand requirements for access management projects.  
  • Work with the extended IAM team members in other countries for delivering service.
  • Maintain supervise updated documentation for the IAM program.
  • Engage in IAM control assessment, audits and evidence gathering process.
  • Review access control processes and reports to identify potential risks & gaps. Remediate these within agreed timeline.
  • Provide awareness, guidelines, training to new & existing users on the IAM system.
  • Update and maintain the IAM system & process according to changes in the organization’s business needs.

 

Job Duties

The duties of an Information Security Specialist (IAM) include the following:

  • Managing accounts and permissions in the identity and access management system.
  • Granting or denying access to company resources based on user role and privileges.
  • Managing users, roles, accounts & groups in the identity and access management system through approved request, periodic access reviews and change management process.
  • Enforcing policies and procedures related to identity and access management.
  • Monitoring unauthorized activity in the identity and access management system using logs.
  • Generate reports on identity and access management system activities.
  • Identifying and resolving identity and access management issues.
  • Maintaining up-to-date knowledge of identity and access management best practices.
  • Documenting IAM processes and procedures for wider team reference.
  • Proactively identify control gaps within access management process and perform continuous improvements using technologies and process automation.

 

Job Qualifications

  • Bachelor’s Degree in Computer Science, Information Technology, or related field.
  • At least one to two years of experience in Identity and Access Management, Information Security or Information Technology related fields.

*Candidates without enough years of experience or from different fields may apply if they have completed any Information Security Certifications or other self-learning commitment through online courses as below examples.

  • Completed any IT / Information Security Certifications or Self-Learning (Vendor Neutral) e.g.
  1. ISACA - IT Audit, IT Risk, Cybersecurity Fundamentals Certificate or CISA
  2. (ISC)² Certified in Cyber Security (CC) or (ISC)² SSCP or
  3. CompTIA A+, CompTIA Network+, CompTIA Security+ or EC
  4. Microsoft Windows Server - Active Directory Domain Services Fundamentals
  5. Microsoft Security, Compliance and Identity Fundamentals (SC-900)
  6. Microsoft Azure Fundamentals (AZ-900)
  7. Microsoft: Identity and Access Administrator Associate (SC-300).
  8. Identity and Access Management related courses (EC-Council Identity And Access Management, E|CSS, etc)

 

  • Familiarity with Information Security Principles aka CIA Triad (confidentiality, integrity, and availability). Knowledge of Information Security Risk, Risk Management & Security Controls.
  • Understand Access Control Concepts, Identity and Access Lifecycle (provisioning, modification, termination, access review), concept of authentication vs authorization and Multifactor Authentication (MFA).
  • Excellent verbal communication and written communication skills.
  • Strong analytical, attention to details and problem-solving skills.
  • Good people management, organizational and project administration skills.
  • Dynamic and able to adapt to the needs of organization and business changes.
  • Ability to work individually and collaborate and lead as part of a team to deliver set objectives.
  • Positive attitude, passionate for improvements and self-initiated to learn.

 

Technical Skills

  • Familiarity with operating systems (Windows Server, UNIX/Linux, etc.)
  • Strong understanding directory services (LDAP, Microsoft Active Directory - Account Types, Security Groups, Objects, Attributes, Containers, etc), Azure Active Directory and supporting tools such as Active Roles Server, Microsoft PowerShell & Windows Event Viewer using Splunk
  • Knowledge of security protocols, standards & models (OSI Model, SAML, OAuth, OpenID etc.)
  • Proficient in at least one scripting or programming language (C++, Phython, Javascript, etc.)
  • Experience with any one of IAM & PAM tools (Ping Identity, SailPoint, Oracle Identity Governance, Okta, CyberArk, IBM Security Verify, ForgeRock, etc.)
  • Experience using ITSM Tools such as Service Now, BMC Remedy, ZenDesk etc for incident, request and change management.
  • Familiarity with database concepts and relational databases such as Microsoft SQL or Oracle Database.
  • Advance proficiency using Microsoft Excel spreadsheets and other apps under Microsoft 365 application suites.
  • Knowledge of Power Platform (Power BI, Power Automate, Power Apps, Power Assists)

 

Job Expectations

  • Understand and be able to articulate the Organisation IAM policy & team IAM strategy.
  • Adhere to IAM metrics and KPIs to track progress and measure success.
  • Understand the various IAM tools and technologies available and be able to recommend solutions that will meet the organisation and business needs.
  • Be able to manage and lead IAM projects, including developing project plans within team area of delivery, requirement gathering and managing timelines for completion.
  • Be able to troubleshoot IAM issues and develop creative solutions to solve problems.
  • Have a strong understanding of security concepts and how they relate to IAM.
  • Be able to deliver IAM training to both technical and non-technical staff.
  • Perform research, self-learn with various resources and stay up to date on IAM trends and information security best practices.
  • Work effectively with Management, Business and other IT team members to ensure that IAM process & solutions are integrated seamlessly into the overall IT infrastructure.

 

You are the heart & soul of Zurich! 
 

At Zurich, we like to think outside the box and challenge the status quo. We take an optimistic approach by focusing on the positives and constantly asking What can go right? 

We highly value the experience and know-how of our employees and offer a wide range of opportunities across business areas to encourage you to apply for new opportunities within Zurich when you are ready for your next career step. 

 

Let’s continue to grow together!

  • Location(s):  MY - Kuala Lumpur 
  • Schedule: Full Time

Apply now »