Manager, Access & Control at T2 (Formerly 9Mobile)

Job Summary       

• Drive compliance with segregation of duty requirementsto prevent, reduce or eliminate fraud and loss using best in class frameworksand tools for risk assessment, governance standards and access controlpolicies.

Principal Functions      
Tactical:

• Define the Segregation of duties Business Risks(Segregation of duties rule set) and related mitigating controls and ensurecompliance with both.
• Ensure that System GRC is set up in line with theSegregation of duties rule-set in line with 9Mobile policy and NCC regulations.
• Ensure that the Segregation of duties rule set ismaintained in line with system role changes, changes to the Core Business Modeland changes to the core systems
• Develop and implement system roles
• Manage user provisioning
• Governance of Critical Transactions list and reporting
• Manage Business and Technical Fire-fighter access
• Work in close cooperation with the business area to define the best possible access for the people operating theprocess and eliminate or mitigate the identified risk for the system processes.
• Build strong relations with the Financial Controlsteam and Internal Audit to ensure compliance requirements for Segregation ofduties and system access are properly translated and implemented.
• Develop and maintain the role design standards
• Develop and maintain all access and control policiesfor the organization
• Define and maintain the Segregation of Duties rule set
• Provide Segregation of duties leadership guidance tothe system implementation
• Ensure team capacity is properly managed to ramp up ordown according to system change plans

Operational:

• Improve overallrole design architecture for systems
• Ensure a goodintegration of the Segregation of duties approach in overall robust AccessControl Framework together with IT
• Driveimprovement in SEGREGATION OF DUTIES mitigating controls monitoring, throughincreased automation and standardized reporting of control effectiveness
• Devise afuture orientated rolling roadmap for access, roles and segregation of dutieswhich takes full advantage of new technological developments
• In depthknowledge of systems Core Business Model processes
• Understandingof systems Authorizations
• Knowledge ofGRC Tool and extensions including User Access Review
• Experience ofcomplex automated triggers for large scale user bases > 10,000 users
• Experience ofa hybrid identity and access management architecture
• Manage theUser Access Validation reporting and dashboards
• Manage theUser Access and risk reporting and dashboards
• Incidentreporting on risk violations
• Communicationswith Auditors, both internal and external and senior stakeholders
• Preparationof detailed papers and presentations to senior management on all topics relatedto access and control
• Create formalprocesses for Segregation of duties Monitoring, Segregation of dutiesRemediation and SYSTEM Ruleset Maintenance.
• Assist IT withthe Identity Management/GRC Integration and SYSTEM Controls Optimizationprojects.
• Supportmanagement in the implementation of Continuous and Process Controls Monitoringin GRC
• Perform any other activity assigned by the Manager,Revenue Assurance.

Educational Requirements       

• Bachelor's degree required
• Post Graduate degree, MA/MBA/MSc preferred   
• Experience,Skills & Competencies       
• Minimum 5-7 years' experience
• Deep understanding of Access Policy approaches, Risk and Controls
• In depth knowledge of Core Business Model processes.
• Understanding of Authorizations
• Knowledge of GRC Tool including solution extensions
• Knowledge of complex GRC architectures with solution extensions
• ProfessionalAccounting Qualifications (ACMA, ACCA, ACA)