WTW
Website:
wtwco.com
Job details:
Description
The Role
This role will support Governance, Risk and Compliance responsibilities within WTW and includes activities such as;
- Provide oversight and input to IAM processes undertaken across WTW including access recertification, privileged access, JML, policies/standards and risk process ensuring alignment with the internal Information and Cyber Security framework.
- Assist the IAM Leads in developing the Identity Control Framework by continually researching new technologies, processes and practices contributing to the long-term Identity strategy within WTW.
- Manage key audit requests from both internal and external auditors to provide regulatory evidence to support SOX, SOC2, HIPPA etc.
- Perform as a subject matter expert within IAM covering all aspects of the Identity Security
- Support solution development through problem solving to ensure adherence to Security Controls, Policies and Standards with a focus on automation and control.
- Derive themes from identified gaps and recommend appropriate remediation measures to mitigate risk associated with gaps.
- Work closely with senior leadership to identify improvement opportunities to enhance existing controls.
- Manage the end-to-end audit lifecycle and Own Management Action Plans
- Govern IAM documentation: design, maintain, and continuously improve policies, SOPs, and compliance dashboards.
Qualifications
The Requirement:
Knowledge and understanding of Information Security Frameworks and standards (FFIEC, NIST, ISO etc)
- Knowledge and understanding of Regulatory Risk and Compliance policies and programs
- Experience of Cloud technology and Identity solutions and practices
- Ability to work as part of a team
- Knowledge of IAM controls and how to implement them effectively such as; toxic combinations, segregation of duties, lead privileged and zero trust
- Ability to deliver change through people
- Excellent Communication skills, especially written English
- Strong Stakeholder management and ability to influence business and IT leadership.
- The ability to foster and grow relationships.
- Knowledge of SOx/SOC2 requirements for Privileged Access Monitoring and Access Governance Controls.
- Experience of working in a live operational environment with an understanding of the impact of policy adherence is desirable.
Click on Apply to know more.