Description
My Client based in Sunbury requires a Sap/Service Management IT Access Analyst
Role synopsis
The Access Management team deliver and manage a suite of common processes and services to enable Identity and Access management to users across applications and directories, based upon the ITIL framework. The Access team within End 2 End services aims to deliver timely and accurate access.
Responsibilities:
- Effective Service Management of suppliers to ensure that SLA's and KPI's in relation to Access management are monitored and reported.
- Ensure that timely granting and revoking of Access to end users to the application estate at the right time through standardised policies and processes.
- The effective management of all incidents, problems and events working closely with Third Parties (IBM, HP, Infosys, Wipro, etc)and internal teams related to Access for supported applications
- Assuring activities such as root cause analysis and trend analysis are performed over problems, incidents, and adverse events such that permanent fixes to problems, incidents, and negative events are found and implemented
- Monitoring compliance to corporate security policies and regulatory guidance with regards to user access and broader information security matters
- Act as a Stakeholder for all Projects delivered into Identity and Access Management operations, ensuring that they meet requirements, are fit for purpose, and deliver safe and reliable operations
Key accountabilities
- Administration of the GPID database, ensure integrity of the Database and those ID's that are distributed. Administer ID's and work with GPID customers on any issues and anomalies arising.
- Manage the Development release calendar for those applications in portfolio
- Assist with Service Management of relationship with all service providers and ensure that they comply with standards and policies, including HSSE, security and regulatory requirements, and contributes to service continuity planning
- Develop Continuous Improvement action plans based upon deep understanding of corporate security policy and regulatory requirements, ensure these are followed to completion
- Work with Project teams and Suppliers to ensure safe delivery of Access related projects from Execute to Operations and maintain relationship.
- Multi Factor Authentication Management and distribution
- Risk Management - assist in managing IAM risks
- Facilitate the necessary monitoring, reporting and remediation of controls and gaps in relation to SOX regulatory requirements where necessary.
- Contribute to defining, documenting, maintain, implementing and operating of common processes and solutions owned by E2E services and the wider security community within BP. Promote the definition and adoption of common security solutions.
- Assist in performance reporting against SLA's and KPI's across all of the service management areas.
- Ensure all User documentation is up-to-date, clear and concise, and published in the correct location, easily acceptable to customers
- In conjunction with the BAS organisation conduct and manage analysis of access rights to applications to determine whether privileges are appropriate and up-to-date
Essential experience and job requirements
- SAP/Service Management experience essential
- Good understanding of the practical aspects of Identity & Access management
Understanding of regulatory requirements ie Sarbanes-Oxley - Experience of data analysis. Can demonstrate a track record of analysis supporting a number of significant business units in a complex multi-region multi-application environment.
- Must have good experience of using Excel to undertake data analysis - basic Datamodelling skills are essential
- Able to demonstrate a track record of creating cooperative working relationships across a global organisation
- ITIL foundation qualification minimum
- Good written and oral communication skills.
Desirable criteria and qualifications
- Knowledge of IBM's Identity and Access Management applications (ISIM, IDAM, CIS)
- Knowledge of the requirements of the international standard for Information Security Management Systems (ISMS) - ISO 27001
- Knowledge of SAP Access management