Current vacancies

Security Access Analyst


Location: Douglas, Isle of Man
Department: Technology
Closing date: 18 Oct 2024



Reporting to the Head of IT Security, this role is integral to the management and integrity of network and system access within IFGL. This role is responsible ensuring that access rights are granted according to role-based access control (RBAC) principles and are in compliance with organisational policies.

The Access Analyst will conduct regular audits of access rights to verify adherence to security protocols and to identify any discrepancies that may pose a risk. In collaboration with the IT Security Team, the Access Analyst will play a key role in the maintenance of access management systems, staying abreast of technological advancements and industry best practices. By monitoring system access patterns and analysing trends, the Access Analyst will help to pre-empt potential security threats and contributes to IFGL’s overall security posture. This role is pivotal in ensuring that the organisation's information assets are protected against unauthorised access.

Joiners, Movers, Leavers (JML) Process:

  • Support the JML process by aiding in ensuring timely provisioning, modification, or revocation of access rights.
  • Assist in documentation and coordination related to staff changes affecting access privileges.

Principle of Least Privilege (PoLP) Implementation:

  • Assist in enforcing the Principle of Least Privilege by contributing to access reviews and adjustments under guidance.
  • Aid in aligning access permissions with PoLP principles within designated responsibilities.

User Recertification:

  • Support in conducting regular access reviews, contributing to identifying and addressing access discrepancies.
  • Assist in utilising automated tools or mechanisms to facilitate periodic access reviews within specific operational domains.

Access Control Framework:

  • Assist in maintaining the Access Control Framework by contributing to policy and guideline documentation within designated areas.
  • Aid in defining RBAC roles, permissions, and access levels aligned with business needs under guidance.

Collaborate with the IT Security Team in areas to include:

Training Program Development:

  • Aid in tailoring Information Security training programs for different departments and roles, contributing insights or research.

Training Delivery and Accessibility:

  • Assist in delivering Information Security training through diverse mediums or sessions, aiding in workshops, webinars, or course support.

Feedback and Improvement:

  • Support in collecting participant feedback to evaluate the effectiveness of Information Security training programs.

Continuous Awareness Initiatives:

  • Assist in implementing ongoing awareness campaigns or communication channels related to Information Security threats and best practices.
  • Support awareness sessions on Information Security matters across various levels within the organisation.

Education:

A’ Level or higher qualification in Computer Studies, Information Security, or a related field, or equivalent hands-on experience.

Experience:

Minimum of 3 years’ experience in an IT support roles and 1+ years in roles that focus on network and/or Cloud security, Identity Access Management (IAM), Role Based Access Control (RBA) and showcasing a track record of increasing responsibility. They should possess a foundational understanding of compliance and risk management, allowing them to contribute meaningfully to these aspects within the scope of their responsibilities.

Technical Skills:

Possess an analytical mind-set, enabling the assessment of security risks and formulation of appropriate mitigation strategies. Have a knowledge of access management solutions and identity management protocols. Strong analytical skills to interpret access data and identify security risks. Awareness of regulatory requirements affecting access controls, such as PCI-DSS and GDPR.

Soft Skills:

Effective communication, adept problem-solving capabilities, and a collaborative nature to work seamlessly within cross-functional teams. Strong analytical skills to interpret security data, aiding in informed decision-making processes.

  • Proficient in logical thinking and reasoning, capable of adapting swiftly to dynamic environments while effectively managing multiple priorities.
  • Confident relationship management skills, at ease when engaging with stakeholders across various levels, including Executive and Board members.
  • Good verbal and written communication abilities, adept at translating intricate technical subjects into language suited to the audience's comprehension level.
  • Reports directly to the Head of IT Security within the Technology Department, working closely with the IT Security Team and other relevant departments.
  • Operates within the corporate risk framework, ensuring alignment with the company's risk appetite and integrating security strategies that complement this framework. Collaborates with risk management teams to ensure IT security measures align with the broader corporate risk strategy.

If you or you know someone who is interested in applying for this position, please forward a current CV with a covering letter to careers@ifg-ltd.com

We encourage and welcome applications from people with diverse backgrounds because we embrace diversity and inclusivity within our business.

Benefits for Isle of Man employees



28 days holiday plus UK bank holidays



Generous discretionary bonus scheme



Voluntary “double matching” pension scheme



Private medical insurance (after qualification period)



Life assurance



Income protection



Free car parking



On site gym