Head of User Access Control

Al-Ahli Bank Of Kuwait

Job Purpose

A User Access Manager is responsible for overseeing and managing user access to the bank systems, applications, and data. The role ensures that access permissions are granted in compliance with internal security policies, industry standards, and CBK CSF beside of Manage, Monitor and Implement the approved change management processes and source code version control across all IT deliverables that are in-line with standards and best practice.

Generic Accountabilities

1. Corporate Governance and Compliance Work fully within risk policies and procedures and compliance regulations and ensure all divisional activities comply with corporate governance & regulatory/legal frameworks
2. Policies & Processes: Develop and implement relevant policies and procedures and conduct regular reviews to remain relevant and effective.
3. People Management Manage people in line with people policies and best practices.
4. Risk Management: Work alongside Risk Management in ensuring that the function works fully within the set frameworks, proactively monitor and report on risk exposure in order to enhance control effectiveness.
5. Compliance: Work fully within ABK s Compliance regulations and standards.

Specific Accountabilities

: IT User Access Management:

1. User Access Administration:
• Create, modify, and delete user accounts and permissions across various systems and applications.
• Ensure proper access control is granted based on user roles and responsibilities.
• Conduct regular reviews and audits of user access to ensure compliance with company policies.
2. Access Control Policy Development:
• Develop and enforce access control policies and procedures in line with industry best practices like PCI and ISO
• Ensure access rights are properly assigned and that segregation of duties is maintained.
3. Access Request Management:
• Review and approve or reject user access requests based on predefined security guidelines.
• Coordinate with relevant departments to address user access requests promptly.
4. Systems/Applications Patching
• Keep user access management systems updated with the latest security patches and enhancements.
• Continuously mitigate the reported vulnerabilities on the users access controls tools
5. Reporting:
• Generate and maintain reports on user access activities, including access logs, permissions, and audits.
• Provide recommendations for improving access control and security measures.
6. System Patching and audit
• Keep user access management systems updated with the latest security patches and enhancements.
• Continuously mitigate the reported vulnerabilities on the users access controls tools
• Close all the reported audit notes for the users access systems on time.

Skills

Knowledge of identity and access management (IAM) tools and systems.

Knowledge of Privileged Access Management PAM systems.

Understanding of security protocols and practices.

Familiarity with compliance standards, such as PCI, ISO .

Strong communication skills for interacting with users, management, and IT teams.

ITSM solution knowledge and hand on experience dealing with different modules like assets, CMDB, Contracts and change management different types in general.