Information Security Analyst, Identity and Access Management Full Time NEW

Background:

The IRC has defined a new strategic mission & vision, along with initiatives and key processes to meet strategic objectives. The IT department provides reliable and scalable application development and infrastructure for the IRC’s offices around the world, including technologically complicated locations. IRC’s ITHQ department includes 70 professionals primarily in the US & Nairobi and over 150 IT professionals in 40 counties supporting 13, 000 staff globally.

Job Overview/Summary:

The Information Security Analyst, Identity and Access Management (IAM) is a Global Information Security (GIS) specialist accountable for supporting the organization’s identity and access management program, ensuring that the right individuals have the appropriate access to Information Assets. The Information Security Analyst, IAM participates in the development of workflows, system configuration, documentation, optimization and support related to access, while working across functional teams to deploy new functionality, etc.

Additionally, the Information Security Analyst, IAM is responsible for the on-going maintenance, testing, support and optimization of Identity Governance and Role Based Access Control (RBAC). While working mostly independently, the role also holds team responsibilities and leads small to medium scale projects and participates in continuous improvement activities. The Information Security Analyst, IAM will collaborate closely with core IT functions and business teams to implement and maintain IAM processes and tools that align with security best practices, compliance requirements, and organizational goals.

This role advises the IAM Program Manager on program health and oversees policy and standards implementation to ensure compliance with regulatory and donor requirements.

Major Responsibilities:

This role is responsible for the execution of comprehensive IAM procedures for authentication, authorization, and access provisioning.

Identity Access Management and Architecture

• Assists in managing user identity lifecycle including onboarding, offboarding, and account updates.
• Monitor for and investigate incidents related to identities/workloads and recommend corrective action.
• Provide identity and access management advisory and consulting to internal stakeholders.
• Develop and maintain training materials related to identity and access management.

Compliance and Governance

• Regularly audit and monitor access rights to detect anomalies and mitigate risks.
• Respond to internal/external audit findings and implement remediation measures.
• Participate in ongoing auditing and risk assessments, and implementation of audit recommendations.

Key Working Relationships:

Position Reports to: Senior Program Manager, Identity and Access Management

Indirect Reporting: Regional and country program leadership, IT leadership, IRC privacy office
Other Internal and/or external contacts:

Internal: IT staff across regions, HQ and Nairobi iHub, global Safety and Security Team, line personnel across all regions, emphasis on International Programs.

External: Industry/sector peers and vendors. Law enforcement if needed for incident response. Participates in sector discussions of IT security-related issues.

Job Requirements:

Education: Bachelor’s degree in an information systems-related field preferred.

Work Experience: 2-3 years’ experience in operations in a global organization; at least 1 year managing user accounts.

Demonstrated Skills and Competencies:

• Proficiency with directory services, such as Active Directory (AD) or LDAP directories in general.
• Working understanding of authentication, authorization, role-based access, least privilege and segregation of duties access control concepts.
• Strong problem-solving and analytical skills, with the ability to assess complex security threats and develop effective solutions.
• Good interpersonal skills required to help identify key relationships and to maintain them.
• Strong oral and written communications skills sufficient for presentation and technical standards development.

Language Skills: English required; French and Arabic a plus

Certificates or Licenses: Security, Compliance, and Identity Fundamentals SC-900 strongly preferred.

Working Environment***:*** Standard office work environment; work location may be another IRC office.

Standards of Professional Conduct: The IRC and IRC workers must adhere to the values and principles outlined in the IRC Way – Code of Conduct. These are Integrity, Service, Equality and Accountability. In accordance with these values, the IRC operates and enforces policies on Beneficiary Protection from Exploitation and Abuse, Child Safeguarding, Harassment-Free Workplace, Diversity Equality and Inclusion (DEI), Fiscal Integrity, Anti-Retaliation, Combating Trafficking in Persons and several others.

Narrowing the Gender Gap: The International Rescue Committee is committed to narrowing the gender gap in leadership positions. We offer benefits that provide an enabling environment for women to participate in our workforce including a flexible hour (when possible), maternity leave, transportation support, and gender-sensitive security protocols.

Equal Opportunity Employer: IRC is an Equal Opportunity Employer. IRC considers all applicants on the basis of merit without regard to race, sex, color, national origin, religion, sexual orientation, age, marital status, veteran status, disability, or any other characteristic protected by applicable laws

Tagged as: International Rescue Committee, Kenya