IAM Analyst
- Full-time
- Permanent or Fixed Term Contract: Permanent
- L&G Business Unit: Legal & General Group IT & Digital
- L&G sub Business Unit: GROUP TECHNOLOGY
- Primary Location: Hove, One City Park
- Job Family: IT & Change
Company Description
Helping over ten million people around the world manage their savings, retirement plans and life insurance requires a lot of people behind the scenes. It’s up to us in L&G Group functions – which includes our tech and digital teams, Group Finance, HR, Risk and Corporate Affairs – to provide the essential support services that all areas of the business need, here in the UK and overseas. Simply put, we enable everyone at Legal & General to do what they do best. That means we’re helping to improve our customers’ lives and contributing to the success of the business every day.
Job Description
We have an incredible opportunity for an Identity & Access Management Analyst!
You’ll be joining a dynamic, hands-on team, where you will perform the provisioning, recertification and Privileged Access Management (PAM) processes, as part of the Identity Lifecycle Management activities across the Legal & General Group and business divisions. This includes the support and management of multiple IAM tools to monitor and control all privileges held by Human & non-Human accounts, across all of the L&G infrastructures such as AD, Mainframe, SQL, ORACLE, DB2 and cloud based services.
What you'll be doing:
- Liaising with Group Technology and business divisions to perform Joiner, Mover, Leaver (JML) access management processes as outlined in Legal & General’s policies and standards to help ensure that user access is appropriate as employees and contractors join, move within or leave the organisation
- Defining, implementing & ongoing maintenance or Group RBAC, ensuring least privileged access
- Managing IAM IT General controls with regular reviews of access requests, suitability of use and segregation of user and privileged access
- Liaising with Group Technology and business divisions to conduct regular recertification reviews for user access to help ensure that physical and electronic access requirements are up to date for all users
- Working with application owners and business divisions to map business roles to IT entitlements to help ensure that the appropriate access rights are given to individual users based on business roles
- Managing the user account authentication and password management processes as outlined in Legal & General’s policies and standards to help ensure only the account owners are able to access these
- Monitoring privileged accounts on an ongoing basis and manage provisioning and de-provisioning of privileged access based on the principle that only those that require these enhanced accounts have them for a limited time period to help ensure data breaches are minimised
- Overseeing vendors responsible for providing IAM tools and services and escalate any process deficiencies and remediation actions required to the IAM Manager to help ensure providers meet contractually defined Service Level Agreements (SLAs) required to manage Legal & General risks
Qualifications
Who we're looking for:
- Strong technical expertise in areas such as identity lifecycle management, access management, single sign-on, identity federation, privileged access management, MFA, enterprise directory architecture, access certification etc.
- In-depth knowledge of directories, SSO, Federation, API gateways etc.
- Understanding of IAM related protocols such as SAML, SPML, SCIM, OpenID, OAuth and XACML
- Ability to understand a multitude of infrastructure operating Systems and sub systems such as AS400, AD, SQL, Oracle, DB2.
- Prior work experience in managing user access accounts, service accounts and privileged accounts is required. Able to assess and implement least privilege access methodologies
- Experience with managing User Provisioning Onboarding, RBAC Authorisation models, SSO Active Directory is preferred
- Experience with installation, integration and deployment of technology solutions (IAM solutions would be a bonus)
- Experience of working and managing vendor IAM tools and PAM tools such as SailPoint IdentityIQ, CyberArk, CA PAM, Imprivata, Azure MFA etc
Whatever your role, we reward performance and behaviour with a package that looks after all the things that are important to you. Here are some of the benefits we offer:
- The opportunity to participate in our annual, performance-related bonus plan and valuable share schemes
- Generous pension contribution
- Life assurance
- Private medical insurance (permanent employees only)
- At least 25 days holiday, plus public holidays, 26 days after 2 years’ service. There’s also the option to buy and sell holiday
- Competitive family leave
- Participate in our electric car scheme, which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice
- There are the many discounts we offer – both for our own products and at a range of high street stores and online
- In 2023, some of our workspaces were redesigned. Our offices are great spaces to connect and collaborate and have your wellbeing at the heart
Additional Information
Legal & General is a leading financial services group and major global investor, named Britain’s Most Admired Company in 2023, for the second year running. Rated top in our sector and top for inspirational leadership, we have a strong heritage and an exciting future.
We aim to build a better society for the long term by investing our customers’ money in things that make life better for everyone.
If you join us, you’ll be part of a welcoming culture, with opportunities to collaborate with people of diverse backgrounds, views and experiences. Guided by leaders with integrity who care about your future and wellbeing. Empowered through initiatives which support people to develop their careers and excel.
We strive to be open, mindful and inclusive, so are always willing to discussing flexible working arrangements and reasonable accommodations for candidates with specific needs.
If you’re open to find out more, we'd love to hear from you.