Associate Lead - Information Security
Job Summary
Job Description
The role of Information Security Lead / Lead – Identity Governance and Compliance involves managing identity governance and compliance activities, including User Access Reviews (UAR) and RBAC. The position requires ensuring IAM practices meet internal policies and external regulations, maintaining and enhancing identity governance policies, and providing expertise on Active Directory. Key responsibilities include aligning practices with frameworks like PCI DSS, ISO 27001, NIST CSF, and COBIT, enforcing least privilege principles, conducting training, managing audit readiness, and participating in incident management and cloud migration initiatives. The role also drives continuous improvement in identity governance and GRC processes.
Must have:
- Lead identity governance and compliance activities, including UAR.
- Ensure IAM practices comply with policies and regulations.
- Maintain identity governance policies and standards.
- Provide expertise on Active Directory (AD).
- Align identity governance with frameworks like PCI DSS, ISO 27001, NIST.
- Enforce least privilege principles.
- Bachelor's degree in Information Security or related field.
- 5-7 years of experience in Information Security.
- Strong understanding of UAR processes.
- Experience with Active Directory.
- Familiarity with regulatory frameworks.
- Excellent analytical and communication skills.
Good to have:
- Relevant certifications (CISSP, CISA, CISM).
- Experience with IAM tools (SailPoint, Saviynt).
- Experience supporting audits.
- Knowledge of GRC tools.
- Knowledge of Cloud Identity (AWS, Azure).
4 skills required
Job Details
Job Title: Information Security Lead / Lead – Identity Governance and Compliance
Department: Information Security – Governance, Risk & Compliance (GRC)
Experience: Level: 5 – 7 years
Employment Type: Full-time
Key Responsibilities:
• Lead and manage the Identity Governance and compliance activities, including periodic User Access Reviews (UAR) and RBAC activities.
• Ensure IAM practices comply with internal policies and external regulatory requirements.
• Maintain and enhance identity governance policies, standards, and procedures.
• Provide subject matter expertise on Active Directory (AD), including group policies and access provisioning/deprovisioning.
• Align identity governance practices with frameworks such as PCI DSS, ISO 27001, NIST CSF, and COBIT.
• Engage with IT, HR, and business units to enforce least privilege principles and maintain accurate access records.
• Conduct regular training sessions for the SM team on security controls and client requirements.
• Coordinate SME involvement in quarterly meetings and training initiatives.
• Maintain and organize SharePoint and Jira spaces for audit readiness and evidence management.
• Participate in incident management, change control meetings, and cloud migration initiatives.
• Engage in SOC operations and threat tracking.
• Drive continuous improvement initiatives in identity governance and GRC processes.
• Lead the annual review of security information presentations in collaboration with Compliance.
• Lead and manage the Identity Governance and compliance activities, including periodic User Access Reviews (UAR) and RBAC activities.
• Ensure IAM practices comply with internal policies and external regulatory requirements.
• Maintain and enhance identity governance policies, standards, and procedures.
• Provide subject matter expertise on Active Directory (AD), including group policies and access provisioning/deprovisioning.
• Align identity governance practices with frameworks such as PCI DSS, ISO 27001, NIST CSF, and COBIT.
• Engage with IT, HR, and business units to enforce least privilege principles and maintain accurate access records.
• Conduct regular training sessions for the SM team on security controls and client requirements.
• Coordinate SME involvement in quarterly meetings and training initiatives.
• Maintain and organize SharePoint and Jira spaces for audit readiness and evidence management.
• Participate in incident management, change control meetings, and cloud migration initiatives.
• Engage in SOC operations and threat tracking.
• Drive continuous improvement initiatives in identity governance and GRC processes.
• Lead the annual review of security information presentations in collaboration with Compliance.
• Bachelor’s degree in Information Security, Computer Science, or a related field.
• 5 – 7 years of experience in Information Security, with a focus on Identity Governance and Compliance.
• Strong understanding of User Access Review (UAR) processes and tools.
• Experience with Active Directory (AD) and identity lifecycle management.
• Familiarity with regulatory and compliance frameworks: PCI DSS, ISO 27001, NIST, COBIT.
• Excellent analytical, documentation, and communication skills.
• Ability to work independently and collaboratively in a fast-paced environment.
Preferred Qualifications:
• Relevant certifications such as CISSP, CISA, CISM, CRISC, or GIAC.
• Experience with IAM tools (e.g., SailPoint, Saviynt, Okta, Azure AD).
• Prior experience supporting internal or external audits.
• Knowledge of GRC tools and platforms.
• Understanding of legal and regulatory standards such as FERPA, CIS, and data protection laws.
• Knowledge of Cloud Identity (AWS or Azure Identity).
Similar Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
Similar Skill Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
Jobs in Thiruvananthapuram, Kerala, India
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
Similar Category Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
