Identity & Access Management (IAM) Engineer at Equity Bank Kenya

Job Purpose:

The Identity & Access Management Engineer will be responsible for architecting and engineering the development of workflows, system configuration, documentation, optimization and support related to access, while working with application teams to deploy new applications and functionality.

The IAM Engineer shall effectively communicate department and organization wide policies and procedures impacting Identity and Access management to end users, leadership, and peers to ensure compliant practices. In addition, the IAM Engineer shall provide guidance on optimizing security build based on appropriate minimum necessary standards. The IAM Engineer shall be responsible for the on-going maintenance, testing, support and optimization of Identity Governance and Role Based Access Control (RBAC).

The IAM Engineer shall assist other team members, Equity staff and leaders related to identity and access management and participates in continuous improvement activities.

Job Responsibilities/ Accountabilities:

Architecture:

• Provide guidance on automation of user account and identity life cycle management, including creating, provisioning, securing, and inactivation of access, entitlements and or identities.
• Shall participate in projects and production support operations focused on implementing Identity and
• Access Management (IAM) integrations and Roles Based Access Control (RBAC) strategies and integrations.
• Collaborate in the design, implementation, and support of the IAM technologies.
• Participate in projects to ensure standard processes and procedures are implemented when rolling out new provisioning and role management points.
• Plan, build, test, manage, and update security for the protection of and access to Equity’s assets.
• Assist with the development, implementation, and support of RBAC.
• Ensure all evidence of authorization is engineered for documentation and archival purposes in accordance with internal standards.
• Manage directory account permissions via RBAC.
• Act as the subject matter expert for Identity Governance and RBAC.
• For systems and software applications in scope for IAM Team, reconcile discrepancies between access rights assigned and access rights required for users to perform job duties.
• Assist Access Control Administrators in troubleshooting issues with IAM tools and processes.
• Assist with application upgrades, evaluation of new technology, settings, and functionality.
• Troubleshoot security and workflow issues independently or in collaboration with other Information
• Systems teams and/or stakeholders, while adhering to internal service standards.
• Enforce organizational policies and procedures to ensure only authorized personnel have access to information in compliance with the Minimum Necessary Rules.
• Participate in ongoing auditing and risk assessments, and implementation of audit recommendations.
• Develop system access and security implementation plans derived from operational customer needs and requests.
• Develop and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support, and other Information Security teams as needed.
• Generate reports to perform in-depth analysis and data collection for issues associated with IAM.
• Support with the roadmap on optimization and enrolment of Multifactor Authentication (MFA), Single Sign-on (SSO), Biometric devices, and Mobile Device Management (MDM).
• Assist in efficiency improvements by recommending process changes as well as developing solutions to automate and orchestrate repeatable tasks for IAM.

Strategy:

• Excellent understanding of Directory Services and Identity and Access Management technology.
• Ability to develop workflows and documentation related to identity and access management.
• Understand and interpret Application Programming Interfaces (APIs).

Qualifications

Knowledge and Experience:

•  A Degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or similar area of study.
• Relevant industry certifications in information security program such as CISSP, CompTIA Security+, CISM will be an added advantage.
• Relevant Identity and Access Management OEM certifications will be an added advantage.
• Excellent understanding of Directory Services and Identity & Access Management technology such Cyber Ark, Sailpoint, Okta, Active Directory, Entra ID, etc.
• Excellent understanding of Single Sign-On, SAML, Auth 2.0 etc.
• Understands Cloud computing and relative technologies.
• Outstanding experience around Authentication and authorization on Windows, Linux, MAC and other applicable operating systems.
• Outstanding experience with identities, entitlements and accounts around technology stacks such as:
• Middleware, Databases, distinct Application types.
• 5+ years relevant work and software experience: Active Directory, Microsoft O365, ServiceNow or
• Identity and Access management applications.
• Good understanding ISO27001 and PCI-DSS certification
• Experience of identifying and managing technology security risk around identities, entitlements, authentication and authorization. 

 Key Critical Competencies:

• Communication
• Effective team member
• Critical thinking
• Mentoring and teaching
• Identity Management
• Technology Awareness and Management

Role Complexity:

• Document security control for each business service delivery.
• Understand Directory Services and IAM solutions.