As manager of the Business Access Control Group, you will be responsible to ensure compliance with meeting Logical Access Security Standards (LASS) through periodic application access attestations. Coordinating the Data Owner, Stewards and Application Custodians across the full Investor Services application inventory to complete timely and accurate access reviews based on LASS policy, CSSF and ISAE3402 audit control standards.

Support initiatives designed to deliver a scalable and enhanced access management model, with improved governance and reporting of management information to senior risk owners. 

What will you do?

• Execute the Enterprise Operations Risk Management (EORM) Framework limited to specific programs in order to determine and report an independent point of view of the “Operational Risk Profile” , and escalate issues as required.
• Challenging the business of their understanding of their risk and the status and adequacy of their controls, inclusive of proactive risk management.
• Reviewing and providing assurance that the Operational Control management practices in their respective businesses are effective, meet CACEIS enterprise level requirements, and are followed consistently across the business.
• Consulting and advising on the design of risk management practices within the Business to effectively identify and mitigate operational risks.
  Logical Access Management oversight of logical access requirements, process and controls across the segment for alignment to LASS: Logical Access Security Standards and local IS Bank client data regulation (CSSF).
• Manage a team of individuals to ensure timely and accurate logical access reviews across IS application inventory on behalf of the 1st line risk owners (Data Steward).
• Provide leadership, development and performance appraisal reviews.
  Oversee and deliver the tactical access management process, supported on SharePoint, excel and using macros/VBA where required.
      

Bachelor's Degree in related field. 

Must-have

• 3-5 years relevant industry experience either across Investor Services, Technology or Identity Access Management functions.
• Preferable experience working with application management, access management either across IT, Business or Risk functions.
• Recent people management experience.
• Strong knowledge of SharePoint / Excel.
• Change or project experience.
• Strong comprehension and experiences in managing operational or IT processing with a risk and control mind-set.
• Control Monitoring and Reporting.
•  Risk Control and Mitigation.

Nice-to-have 

• Awareness of IT Standards, Methodologies, audit requirements.
• Technology Appreciation and Awareness.
• Preferred: Professional Qualification (e.g. CA, CFA or MBA).
• System and application configurations is preferred.
• Access control identification & assessment is preferred.