Summary:

Willis Towers Watson (WTW) Information & Cyber Security (ICS) requires an experienced IAM Oversight Analyst to work within the Identity and Access Management function.

As an experienced information security professional, you will be responsible for leading an internationally dispersed team, support the Global Head of IAM in developing the Identity Control Framework, manage the Identity Risk Portfolio, provide oversight of access recertification and privileged access processes for the entire organization through utilization of a range of IAM Products including Microsoft Identity, SailPoint and CyberArk.

You will be reporting to the IAM Governance Manager. This role is a hybrid role where the normal working base location will be balance between home and office as needed.

Role:

This role will support the IAM Governance responsibilities within WTW and includes activities such as;

• Provide oversight and input to IAM processes undertaken within ICS or wider across WTW including access recertification, privileged access, JML, policies/standards and risk process ensuring alignment with the internal Information and Cyber Security framework.

• Assist the IAM Governance Lead in developing the IAM Governance control framework by continually researching new technologies, processes and practices contributing to the long-term Identity strategy within WTW.

• Manage key audit requests from both internal and external auditors to provide regulatory evidence to support SOX, SOC2, HIPPA etc.

• Perform as a subject matter expert within IAM covering all aspects of the Identity Security

• Support solution development through problem solving to ensure adherence to Security Controls, Policies and Standards with a focus on automation and control.

• Derive themes from identified gaps and recommend appropriate remediation measures to mitigate risk associated with gaps.

• Work closely with senior leadership to identify improvement opportunities to enhance existing controls.

Requirements:

Skills:

• 4-8 years of experience in Identity and Access Management

• Knowledge and understanding of Information Security Frameworks and standards (FFIEC, NIST, ISO etc)

• Knowledge and understanding of Regulatory Risk and Compliance policies and programs

• Experience of Cloud technology and Identity solutions and practices

• Ability to work as part of a team

• Knowledge of IAM controls and how to implement them effectively such as; toxic combinations, segregation of duties, lead privileged and zero trust

• Ability to deliver change through people

• Excellent Communication skills, especially written English

• Strong Stakeholder management

• The ability to foster and grow relationships.

• Knowledge of SOx/SOC2 requirements for Privileged Access Monitoring and Access Governance Controls.

• Experience of working in a live operational environment with an understanding of the impact of policy adherence is desirable.

• Continuous Learner

Behaviors:

• Resourcefulness and organizational agility

• Global team player with good interpersonal and influencing skills

• Conflict Management Resolution (Options Analysis)

• Customer Focus & Integrity and Trust

• Personal Learning & development