Contractor - Access Control Analyst

  • Competitive
  • Singapore
  • Contract, Full time
  • Schroder Investment Management (Singapore) Ltd
  • 18 Oct 17 2017-10-18

As the Lead Access Control Analyst at Schroders, you will be part of the Global Access Design and Implementation team responsible for user access for all applications hosted in London.

The role is split into two parts which perform the following range of responsibilities on a global basis:


Design

The Design team are responsible for the following;

  • Design and Implementation of the access model for all new applications within Schroders
  • Engaging with Business, IT Project Managers, IT Risk, IT Support and 3rd parties on all projects
  • Completion of Support acceptance process for all access related activities
  • Compliance with ISAE3402 controls related to access control
  • Define and communicate the access design acceptance criteria for new applications
  • Manage the integration of new and updated applications into access control
  • Management of Audit issues relating to access control
  • Management of  IT privileged access to defined standards.

 Implementation
 The implementation team are responsible for the following:

  • Management of the Access control work queues.
  • The team currently process around 2,500 RBAC requests and 300 Remedy tickets per month. Access is provisioned by the team for:

             -  over 150 Applications

             - Databases (liaising with both SQL and Oracle DBAs)

            -  File Shares (both creation and provisioning of folders, shares and resource groups)

            -  Wintel Servers

            -  Unix Servers (through liaison with Unix Team)

            - Active Directory (including new Joiners/Leavers)

            - Resolution of escalated access related issues (via Remedy, Email or phone)

            - Management of remote access licences and tokens

            - MI Reporting

             - Maintenance of Archer access control related information

Governance
The team also perform the following tasks:

  • Review of daily permission breach reports
  • Review and approval of all IT privileged access request
  • Resolution of audit issues and maintenance of evidence for regulatory audits

The Global Access Deign & Implementation team are also required to:

  • Liaise with Information Security Controls Manager to ensure protection of high risk assets such as employee personal data, client data and high availability unstructured data such as UDTs through appropriately designed access models
  • Maintain knowledge of advances in the fields of access control, security awareness and related topics in the Information Security industry

To be successful in this role, you should possess the following requisites:

  • Degree graduate in Computer Science or any other relevant disciplines
  • At least 3-5 years of experience in access design and implementation
  • Strong analytical, problem-solving and synthesizing skills
  • A track record of strong partnering with teams in global location
  • Passionate about solving problems and driving access design in a collaborative way.
  • A desire to excel in their day to day activities and through continuous improvement to processes and the service provided by the team
  • Strong stakeholder engagement skills, with the ability to connect and communicate at all levels across the Group.
  • Excellent reporting skills, including the ability to simplify complex system configuration into a clearly defined access design model.
  • Knowledge of current standards and external control objectives to ensure the Global access design model is compliant with all regulatory and audit controls.
  • Organised with a flexible approach to tasks and working hours