**Information Security Specialist - IT Access Management Specialist - Newcastle/hybrid - global programme - £50 - 65k + benefits - This prestigious client is setting a global Information Security Team.
Essential
- Strong understanding of access control principles, including role-based access control (RBAC), attribute-based access control (ABAC), and discretionary access control (DAC).
- Proficiency in access management tools and technologies (e.g., Active Directory, LDAP, IAM solutions).
- Excellent analytical skills and attention to detail.
- Effective communication and collaboration abilities.
- Passion for promoting a security-minded culture.
Desirable
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Security Certifications such as CISSP, CISM, Microsoft.
- Experience with cloud access management (e.g., AWS IAM, Azure AD).
- Familiarity with privileged access management (PAM) solutions.
- Knowledge of single sign-on (SSO) and multi-factor authentication (MFA)
Key duties and responsibilities include
Access Control Design and Implementation
- Collaborate with stakeholders to understand system requirements and user access needs.
- Develop and maintain access control governance policies, procedures, and guidelines.
- Assist with implementing precise permissions alignment across various platforms, applications, and databases.
- Regularly review and enhance access controls to adapt to evolving security threats and our governance model.
Permissions Modeling
- Create and maintain access governance models for different systems, ensuring a fine-grained approach.
- Define roles, permissions, and entitlements based on job functions and responsibilities.
- Conduct access reviews and audits to identify discrepancies and enforce least privilege principles.
User Provisioning and Deprovisioning
- Help define the governance approach to managing user accounts, roles, and entitlements during onboarding and offboarding processes.
- Coordinate with HR and IT teams to ensure timely access provisioning and removal processes.
- Help monitor user activity and address any anomalies promptly.
Security Compliance
- Stay abreast of industry best practices, regulatory requirements, and security standards.
- Ensure compliance with data protection laws (e.g., GDPR, CCPA) and internal policies.
- Assist in security assessments and audits related to access controls.
Excellent organisation, role, team, global full benefits - apply