Access Controls Risk Specialist - Consultant

Access Controls Risk Specialist - Consultant

San Francisco, California
9346357
05-22-2017
or
Intermedia Group has an opening for the following Consultant:

TITLE: Access Controls Risk Specialist
LOCATION: San Francisco, CA
DURATION: 9 months +

CLIENT: FORTUNE 100 BANK

SUMMARY:
  • As part of the Transaction Banking Americas Risk & Controls division, this position seeks a seasoned access controls risk professional, who will support the Director/ Trust Services Operations Risk & Controls Management with implementing to production assigned remediation activities related to audits, exams, reviews, self-identified issue/process improvement projects to further strengthen operational risk management in the area of user and applications access controls risk.
  • Further, this position will transition said projects to programs while assuming associated day-to-day risk and controls management oversight.
  • This position works in a staff capacity that requires planning, organizing, coordinating, negotiating and implementing complex and detailed analysis, research and reporting. 
     
MAJOR RESPONSIBILITIES:
  • This position will manage day-to day responsibilities associated with the Trust Application Identity and Access Management Program as well as implement the remediation strategy activities to strengthen access controls for the program. 

    Project Risk Management: 
    Support the Director in implementing remediation strategy activities, including documentation of action plans and developing, tracking and monitoring and reporting of progress of remediation activities, and identifying potential training needs associated with assigned activities as part of the remediation of audit, exam and review findings as well as self-identified issues. 
  • Ongoing program documentation upkeep (Program, Procedures, User Access Profile matrices, Trust Application Authorization List, trust application access forms reviews, semi-annual certification notification reviews, etc.);  
  • Ongoing alignment of Trust Application Identity and Access Management Program with enterprise Identity and Access Management (IAM) policies and standards;
  • Business-as-usual trust application access related requests, including Secondary Approvals for access to trust applications  (we managed over 581 requests during the 2016 calendar year);
  • Access Role and Segregation of Duties Management and Monitoring  (includes analysis and consultation for access change requests, which can be due to business-as-usual activities, organizational  changes, trust application product/platform changes, etc.);  
  • Next level development of the User Access Security Profile and Segregation of Duties Matrices to meet heightened standards and internal audit findings, including incorporation of enterprise Security Access Profile template;
  • Implementation of and ongoing coordination of annual review of the User Access Security Profile and Segregation of Duties Matrices with matrix owners;
  • Implementation of and ongoing coordination of annual review of trust application model entitlements with model owners ahead of model certification;
  • Monthly review/monitoring of access monitoring reports (OTC Company Report, TED Exception Report, etc.);
  • Annual Control Security Assessments for Access Management as requested by enterprise IAM Risk for the Trust Applications;  
  • Maintenance of the GTS Trust Application Access Management SharePoint;  
  • My Access and Governance Minder Project Onboarding Project liaison responsibilities for the Trust Applications (there are approximately 50 outstanding and 1 requiring further remediation) and liaison for ongoing enhancements to My Access/Governance Minder for onboarded trust applications, including plain language role and entitlements descriptors;
  • Provide segregation of duties and access controls consulting services for new and existing systems, infrastructure components, technologies and architecture.    
  • SME to GTS and TES related compliance with the enterprise IAM and  GTS trust application access policies, standards, and program;
  • SME to enterprise IAM and TUS related to the Trust Application Identity and Access Management Program;
  • Trust Application access controls oversight and periodic testing;
  • Assist Director with remediation implementation activities related to User Access issues as a result of audits, exams and reviews.
  • Implementation and centralized oversight of risk based approach to periodic review of client access and ongoing oversight, if deemed required by enterprise IAM.   
 
Program Risk Management
  • Manage the day-to day oversight of the Trust Application Identity and Access Management Program to ensure access management processes and controls for approximately 52 trust applications are designed and executed and operating effectively in compliance with the bank's policies and standards for identity and access management, including ongoing care of the trust security access profiles. 
 
QUALIFICATIONS 
  • Requires BA or BS degree; 
  • 5+ years’ experience developing and supporting security solutions and/or auditing for 
    Identity Management and Access control, including business security access profiles, system 
    architecture, configuration, monitoring, and ongoing testing and compliance. Experience 
    managing, implementing or testing/auditing Access Management control processes; 
  • Ability to draw operational processes, highlighting risks and controls Enjoys analyzing and 
    discussing risks and controls; 
  • Ability to “connect the dots” and see and articulate a broader picture of risks; 
  • Proven ability to challenge users and process owners; 
  • Demonstrated project and/or program leadership, project management, presentation, and 
    collaboration skills required; 
  • Demonstrated sound strategy, judgment; and analytical skills required; 
  • Able to gather and synthesize complex or diverse information, analyze information skillfully to 
    identify data relationships and dependencies, identify and document information in clear and 
    concise manner, and highlight gaps or problems and present effective recommendations for 
    resolution;  
  • Expertise in Microsoft Office Suite (Outlook, Word, Excel, PowerPoint) in the preparation of 
    executive level reporting and metrics. 
 
If you are interested in pursuing this opportunity, please respond back and include the following:
• Full MS WORD Resume
• Current and required compensation
• Contact information
• Availability
 
Upon receipt, one of our managers will contact you to discuss in full


Jason Denmark
Managing Director

INTERMEDIA GROUP, INC.
131 Varick Street
Suite 936
New York, NY 10013
Voice: 212-248-0100

Email: jdenmark@intermediagroup.com
Corporate Web Site: www.intermediagroup.com
OPEN JOB LIST: http://intermediagroup.com/jobs
 
 

Recruiter Contact


Steve Fleischner | Managing Partner
sfleischner@intermediagroup.com
Intermedia Group Inc. | New York, NY
Main: (212) 248-0100
this job portal is powered by CATS