Junior IT Operations Analyst (IAM, IT Audit, Access review tools)

Job Title- IT Operation Analyst

Reporting To- IT Operation Lead

Purpose of the Role

This role is responsible for executing and enhancing the User Access Review (UAR) process across Singlife’s systems and applications. The analyst ensures that user entitlements are appropriate, aligned with the principle of least privilege, and compliant with internal security standards and regulatory expectations.

Key Responsibilities

User Access Review Execution:

• Conduct periodic reviews of user access rights across applications, databases, operating systems, networks, and security appliances.

• Validate access against the approved User Access Matrix and ensure alignment with users’ roles and responsibilities

Compliance and Governance:

• Ensure all UARs are auditable and comply with Singlife’s Information Security Standard

• Track and document review outcomes, including remediation actions for inappropriate access.

Process Management:

• Coordinate with application owners and business units to ensure timely completion of reviews.

• Support the onboarding of new applications into the UAR scope, ensuring a User Access Matrix is in place prior to review initiation

Continuous Improvement:

• Identify gaps or inefficiencies in the user entitlement process and recommend enhancements.

• Contribute to the development and refinement of access control policies and procedures.

Stakeholder Engagement:

• Collaborate with IT, Risk, and Compliance teams to align access review practices with broader governance frameworks.

• Provide guidance and training to reviewers on user entitlement process.

Team

• Collaborates with Security Engineering, GRC, IT, and other Fusion Centre pillars.

Key Stakeholders

• Cyber Fusion Centre teams (SOC, Threat Intel, Engineering, GRC)

• Internal Audit, Risk, Compliance functions

• Third-party SOC vendors and service providers

• Technology and Infrastructure teams

Requirements

Education:

• At least Diploma in Cybersecurity, Information Technology, or related discipline

Experience:

• 1–6 years of experience in information security,
• Experience in Identity and Access management (IAM), or
• Experience in IT audit.
• Experience with access review tools, entitlement governance, and user provisioning systems.
• Understanding of access control principles and regulatory requirements.