欲随时了解新空缺职位:
加入我们的人才网络
Associate Client Advocate – Healthcare and Life Sciences
职位快照
Taguig, PH
WTW has embarked on a multi-year programme to embed its physical and digital information security standards across the business. That is, ensuring clients, business partners and internal information is protected appropriately at all times. The Information Security Programme (ISP) covers all areas of the Willis business and aims to deliver prioritized and fit for purpose enhancements for each Willis business globally.
Privileged Access Management (PAM) is one of several initiatives which will deliver a series of changes over the ISP lifecycle.
You will work closely with business management, IT and internal stakeholders to support the delivery of WTW PAM. This includes working with members of the PAM Team and other business units, supporting them to manage Elevated access and passwords using the PAM strategic tool ‘CyberArk’.
Principal Duties/Responsibilities
- Lead the PAM team on a daily basis
- Manage daily PAM / CyberArk activities. Requests for access to safes and accounts
- Make sure legacy and current CyberArk structure is aligned to policy / Best practice
- Perform as an IAM PAM SME, consistently researching new ways to improve our IAM operations and overall strategy target
- Ensure adherence to Security Controls, Policies and Standards with a focus on automation and control.The
- Derive themes from identified gaps and recommend appropriate remediation measures to mitigate risk associated with gaps
- Work closely with senior leadership to Identify improvement opportunities to enhance existing controls and overall IAM governance program
- Analysis and monitoring of data to provide key metrics, to ensure least privilege and no toxic access in conjunction with our Audit teams
- Risk management and mitigation for IAM
- Engagement and communication with stakeholders across LoBs and IT platform leads to ensure awareness of IAM policies and procedures
- Knowledge transfer to the new team members
Communications and Relationships
- Report status regularly to Head of IAM
- Communicate and ensure execution of Sox and non-Sox Critical Application privileged accounts
- Provide challenge and escalate risk and issues where appropriate.
Qualifications:
- 5+ years of Information security and/or Identity Access management domain experience
- SME level knowledge of PAM and CyberArk best practices and experience with Identity Access Management technology.
- Practitioner knowledge of key IS and Cyber regulations and how organizations achieve compliance
- Be interested in developing skills and knowledge in information security.
- Formal training in security will be added advantage
- Experience & Knowledge of CyberArk key
- Strong IT skills, able to analyze data for reporting purposes and follow work instruction
- Relevant degree or equivalent experience preferred
Skills:
- Strong IT and analytical skills
- Proactive rather than reactive
- Team player with good interpersonal skills
- Knowledge and experience in Information Security Auditing Techniques
- Ability to work under pressure to tight timelines
- Organized and methodical
- Willing to challenge and desire to learn
- Good communication skills, both orally and in writing
Knowledge/Experience:
- 5+ Years CyberArk knowledge from a BaU level
- ‘Best practice’ level knowledge of PAM
Regulatory Requirements:
- Audit and Compliance knowledge identified by the Information Security Committee
- SOX Requirements for Privileged Access Monitoring and Controls
Equal Opportunity Employer
自主投递 说明
自主投至韦莱韬悦公司网站或员工企业邮箱的个人简历或申请人档案将视为归韦莱韬悦所有,我们无需为此向代理招聘机构支付费用。韦莱韬悦授权的代理招聘机构或猎头公司须持经由韦莱韬悦授权招聘官签署的有效正式书面合同,且须仍与韦莱韬悦保持合作关系。简历须按照我们的申请人提交流程进行提交,包括针对特殊招聘提交的简历。代理招聘机构或公司如不按申请流程提交简历,韦莱韬悦将不会为此支付招聘费用。韦莱韬悦提倡公平招聘。如您希望我们保存您的联系信息,以备日后有合适机会时与您联系,请发送邮件至 Agency.inquiries@willistowerswatson.com.
我们的机构
我们的同事遍及全球140多个国家及市场。我们的业务已基本全面实现国际化,为协作与发展创造了绝佳机遇。查看以下地图,了解韦莱韬悦可以在哪里为您提供机遇。