Cybersecurity Access Control Governance and Auditing
Islamabad, Islamabad Capital Territory, Pakistan
Inbox Business Technologies
• Create and maintain comprehensive access control policies that define the principles, rules, and guidelines for granting and managing digital access.
• Implement access framework for assigning access based on roles, responsibilities, and job functions, ensuring proper segregation of duties.
• Define and maintain role-based access structures that align with business processes and security requirements.
• Ensure access control policies align with industry regulations and STC Bank security objectives.
• Coordinating with third-party vendors and service providers to ensure that access controls are implemented based on STC Bank policy.
• Understands how to analyze access control lists to gain an understanding of software behaviors and interactions.
• Maintain detailed records of access activities and changes to access rights for accountability and forensic purposes.
• Generate comprehensive reports on access reviews, audits, and compliance status for stakeholders and regulatory requirements.
• Monitoring and maintaining compliance with regulatory requirements related to access review and audit, such as PCI.
• Implementing policies for granting temporary access to systems and applications for users who need it for a specific period.
• Maintain and auditing a centralized inventory of all accounts and access privileges across STC Bank including third-party accounts.
• Maintain and auditing g with other departments or teams to manage third-party access, such as vendors or contractors who need to access STC bank’s systems or applications.
• Collaborate with departments to ensure access certifications are performed.
• Preform gap analysis to identify areas where access controls need to be strengthened.
• Stay up to date with emerging threats, vulnerabilities, and technologies related to access review and audit, and identifying opportunities to adopt new tools or methodologies to improve STC Bank’s overall security posture.
Framework Alignment:
• NCA Scywf –K3505,S0005, T0100,T0114,T3508,T4025,T4027
• SAMA cybersecurity Framework – 3.3.5 Identity and Access Management.
• SAMA cybersecurity Framework – 3.4.1 Contract and Vendor Management
Requirements
- Bachelor’s Degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Master’s Degree in Cybersecurity, Information Security, or a related discipline (preferred).
- Minimum of 5-7 years of experience in cybersecurity with a focus on access control, governance, and auditing.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Compliance Computer Science Governance IAM Monitoring Vendor management Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cloud Security Architect jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Manager Pentest H/F jobs
- Open Security Operations Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Consultant jobs
- Open Senior Network Security Engineer jobs
- Open Senior Security Architect jobs
- Open Windows-related jobs
- Open Risk assessment-related jobs
- Open CISM-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open IPS-related jobs
- Open Kubernetes-related jobs