Security Access Control Specialist

Scope:

As part of the NIST Cyberprogram on the subject of Identity and Access Management (IAM), the mission will focus on two axes:

• The implementation of IAM service offer "MyAccess" for international subsidiaries in accordance with the group strategy.
• Improvement of the access reviews through the IAM tools (MyAccess and GuardIAM tools).

Responsibilities:

• Deploy, operate, and maintain IAM controls covering the entire user lifecycle (creation, modification, revocation)
• Perform and supervise access rights controls and reviews (standard, privileged, orphan, generic accounts)
• Support subsidiaries on IAM control topics and procedures, including lifecycle processes
• Ensure compliance of access management with security policies and regulations
• Analyze access anomalies and follow up remediation actions
• Collaborate with IT Security, Risk, and Audit teams
• Train local users on IAM lifecycle processes, controls, and best practices

Main Tasks:

Your mission consists in taking charge of the following activities:

• Implementation & support of IAM service for international subsidiaries:
  • Assist local teams during deployment and operation of IAM tools
  • Construction of the process for setting up the tool and guide to good security practice
  • Monitoring of the deployment of IAM tools
  • Creation of validation and provisioning workflows
  • Support for change for all entities concerned.
• Access reviews & reconciliation:
  • Lead periodic reconciliations between theoretical rights (IAM system) and effective rights
  • Identify valid vs invalid accesses and drive remediation
  • Automate data extraction and control reports to improve lifecycle control and reconciliation