Identity & Access Management Analyst

Primary DetailsTime Type: Full time

Worker Type: Employee

Maintains effective access controls to support adequate protection of QBE data and resources by leading the facilitation and execution of global identity and access management processes and associated control activities to support onboarding, offboarding and access recertification. Ensures a quality access management service including processing of complex, high-volume joiner, mover, leaver and change requests. Support Senior Analysts and Team Leader with projects and larger initiatives requiring audit, risk assessment, process and technical expertise across a highly regulated environment. Liaise with customers at all levels, including senior and executive leadership.

Primary Responsibilities

• Manage demand through the global ticket and request management tool to ensure effective queue management
•Collaborate with global peers and participate in internal meetings to share and develop knowledge and best practice
•Maintain least privileged access to QBE systems for joiners, movers, leavers (JML) and authorized users, ensuring access granted is in line with job function, controls are maintained, or access removed in a timely manner
•Respond to information security and access-related questions and inquiries, using available information security tools and procedures ensuring adherence to QBE’s defined service processes (e.g. Incident, Request, Change, Problem, etc.) and ITIL best practice guidelines
•Manage requests for additional access to QBE systems, ensuring these are met within accordance to agreed controls, protocols (least privileged) and SLA’s
•Consistent compliance with defined controls, processes and QBE security policies and standards
•Proper analysis and autonomous decision making to ensure no separation of duties conflicts exist with access granted
•Timeliness and accuracy to JML and additional access requests, meeting or exceeding defined SLAs and performance targets
•No major security risks/control failures or breaches.
•Demonstrable continuous business process improvement
•Build and maintain strong and effective relationships with business customers at all levels of the organization to ensure service delivery meets expectations.
•Provide advice and guidance for IT security and user access-related activities; ensuring customers are aware of key issues and able to implement correct procedures and protocols.
•Build effective relationships with other departments within IT to ensure smooth end-to-end management of tickets (requests and incidents).
•Independently analyze requests to ensure proper separation of duties and least privileged concept is applied when granting access (across multiple, complex platforms).
•Produce accurate management information to enable effective reporting, decision making and action.
•Investigate and resolve access related inquiries, ensuring effective resolution in line with key controls and processes, minimizing business disruption.
•Administer Active Directory (AD) and other key applications, operating systems/platforms, ensuring information (i.e. identity data) held is current and regularly updated.
•Maintain relevant audit trails to support control activities relevant to the JML processes.
•Independently respond to audit inquiries and activities related to access controls, where required.

Required Education

• Associate's Degree or equivalent combination of education and work experience

Required Experience

• 3 years relevant experience

Preferred Competencies/Skills

• A logical approach to analyze access requests and issues; leverage technical knowledge
•Communicates information in a clear, well-organized, and professional manner, at all levels within the organization
•Follow established guidelines to focus on details and complete tasks attentively and thoroughly
•Escalate issues when necessary
•Prioritize various competing tasks according to their urgency
•Maintain a customer focus and build relationships; ability to proactively manage customer expectations
•Problem solving and analytical skills
•Flexibility, can easily adapt to quickly changing priorities

Preferred Education

• Bachelor's Degree or equivalent combination of education and work experience

Preferred Education Specifics

• Degree in Computer Science, Information Systems or related field

Preferred Experience

• Experience with identity and access management; working in a complex, demanding, fast-paced environment;
•Experience with Active Directory (AD), RACF and other access management tools.
•Experience within financial services, preferably insurance industry
•Experience working with outsourced service partners

Preferred Licenses/Certifications

• Certified in Risk and Information Systems (CRIS)
•Security +
•Certified Information Systems Security Professional (CISSP)

Preferred Knowledge

• Ability make autonomous decisions when analyzing requests to ensure appropriate risk-based outcome
•Applied working knowledge of security and access management principles, including separation of duties (SoD) concept
•Understanding of fundamental IT concepts, systems, tools and technologies
•Working knowledge of network security and administration processes, basic computer troubleshooting and general industry best practices Knowledge of External and Internal Audit, SOC1, and other access control reviews


QBE Cultural DNA

• Everything we do at QBE is underpinned by our DNA (which interlinks seven cultural elements) – because we know it's not just what we do that matters, it's how we do it that makes the difference. We expect all employees to role model and inspire the right behaviours that link to our cultural elements:-We are customer-centred-We are technical experts-We are diverse-We are fast-paced-We are courageous-We are accountable-We are a teamAll employees are expected to adhere to QBE’s Code of Ethics and Conduct and apply sound risk management practices


US Only - Travel Frequency

• Infrequent (approximately 1-4 trips annually)

US Only - Physical Demands

• General office jobs: Work is generally performed in an office environment in which there is not substantial exposure to adverse environmental conditions. Must have the ability to remain in a stationary position for extended periods of time. Must be able to operate basic office equipment including telephone, headset and computer. Incumbent must be able to lift basic office equipment up to 20 lbs.

US Only - Disclaimer

• To successfully perform this job, the individual must be able to perform each essential job responsibility satisfactorily. Reasonable accommodations may be made to enable an individual with disabilities to perform the essential job responsibilities.  

Job Type

• Individual Contributor


Australia/New Zealand Only - Advice/Non-Advice >

• Non-Advice: This role is not authorised to provide financial product advice to retail customers in respect of General Insurance products. Financial product advice, means a statement or recommendation made to a retail customer with the intention of influencing their decision in considering a general insurance product.

Global Disclaimer

• The duties listed in this job description do not limit the assignment of work. They are not to be construed as a complete list of the duties normally to be performed in the position or those occasionally assigned outside an employee’s normal duties. Our Group Code of Ethics and Conduct addresses the responsibilities we all have at QBE to our company, to each other and to our customers, suppliers, communities and governments. It provides clear guidance to help us to make good judgement calls.

Skills:

How to Apply:

To submit your application, click "Apply" and follow the step by step process.

Equal Employment Opportunity:

QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.