AVP-Identity & Access Management

Location

Head Quarter - Jakarta

Level

Supervisor

Employment Status

Permanent

Field of Work

• , IT

Posted Date

16 February 2024

Job Summary

Identity and Access Management Managers play a critical role in safeguarding a companys digital assets, ensuring secure and efficient access to information, and maintaining compliance with regulatory standards.

This position involves overseeing the development, implementation, and maintenance of a robust identity and access management strategy Scope of work not only covers IT but also other areas which use IP technology:

• IT systems environment
• Business Support Systems (BSS) and supporting infrastructure
• Enterprise Support Systems (ESS) and supporting infrastructure
• IT office and supporting infrastructure
• Datacomm network
• Core network element

Job Description

Policy Development

To formulate and implement comprehensive IAM policies, procedures, and guidelines that align with the organization’s security and compliance objective

Deliverables:

• Comprehensive IAM policies, procedures, and guidelines

• Policy documents that clearly articulate access control, authentication, and authorization standards.

Access Control

Manage user access to systems, applications, and data by defining and enforcing access controls, authentication, and authorization mechanisms

Deliverables:

• Access control mechanisms implemented and consistently enforced.

• Defined user roles and permissions for systems, applications, and data.

Technology Integration

Oversee the integration and administration of IAM technologies, ensuring they align with business needs and adhere to industry best practices.

Deliverables:

• IAM technologies seamlessly integrated with existing systems and applications.

• Documentation of integration processes and procedures.

Risk Mitigation

Identify and mitigate security risks related to identity and access management, staying abreast of emerging threats and implementing proactive measures.

Deliverables:

Identification and documentation of potential security risks related to IAM.

Compliance Management

Ensure IAM processes and controls comply with relevant laws, regulations, and industry standards, fostering a secure and compliant operating environment.

Deliverables:

• Documentation confirming IAM processes and controls comply with relevant laws, regulations, and industry standards.

• Regular compliance audits and assessments.

Incident Response

Develop and implement incident response plans related to identity and access management, collaborating with IT and security teams to address and resolve security incidents promptly

Deliverables:

• Incident response plans developed, documented, and communicated.

• Collaboration with IT and security teams to ensure timely response to security incidents.

Job Requirements

Qualification:

• Minimum bachelor’s degree (Information Technology/ Electrical Engineering/Telecommunication Engineering, Computer Science, Communications, Marketing, Information Security, Business, Technical), master’s degree preferred with minimum 5 years experience.
• Security or enterprise architecture certificates such as CISSP, CISA, CISM, GIAC, CISA, SANS, and ISO 27001 Lead Implementor/Lead Auditor, etc.
• Proficiency in security protocols, cryptography, authentication, authorization, security vulnerabilities, and remediation techniques. Familiarity with programming languages and frameworks is a plus.
• Proficient in: LINUX, Windows Servers, Unix.
• Familiarity with database: Oracle, MySQL, DB2, MariaDB
• Familiarity with PAM and identity and Access Management solution such as: Cyberark, Arcon, Oracle
• Familiar with Active Directory for user creation, modification and deletion process
• Having an experience to setup and execute User Access Review and User Access Matrix roll out
• Knowledge: User Access Matrix and User Application Matrix
• Knowledge in SSO and MFA for Authentication Access ID
• Ability to analyze and identify actions to be taken.
• Honesty and high-integrity character
• Working well under pressure
• Good communication and influence skill
• Strong understanding of all Information Security Domains
• Sound understanding of businesses supported and security principles and policies
• Knowledge of network, system, and application monitoring technologies

Related Experience:

• Proven experience in information security, IAM, or a related field, with 5 - 7 years in handling PAM and identity access management, with specific experience in Telco or Enterprise.
• Experience in develop and do improvement of PAM, IDM and Identity Access Management
• Demonstrated experience in developing, implementing, and maintaining security policies, procedures, and guidelines.
• Proficiency in designing and managing access control systems, including experience with role-based access control (RBAC) and other authentication and authorization mechanisms.
• Hands-on experience with IAM technologies, such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Identity Governance and Administration (IGA) tools.
• Familiarity with relevant data protection laws, regulations, and industry standards. Experience in ensuring IAM practices align with and meet compliance requirements.

Skills:

• Information System Management
• Operational Management
• Enterprise Risk Management
• Software Engineering
• IT Security Management
• Telco Knowledge
• Strong verbal and written communication skills (fluency in English is required)
• Strong interpersonal and communication skills with a proven ability to collaborate with cross-functional teams, including IT, Security, Compliance, and Legal.
• Strong analytical skills to identify security risks, assess their potential impact, and devise effective solutions.
• Previous roles involving risk assessment, vulnerability management, and implementation of proactive security measures to mitigate identified risks..
• Good communication skill both writing and verbally to be able to work together with all employees in the company.
• Ability to convey message in clear, concise and simple way to various employees in the company.
• Ability to deliver and develop presentation in front of different audience and answering their questions.
• Have integrity, confidentiality and independence.