Skip to content
Location(s)

  • Posting Location: Noida, India

City/Cities
Noida
Country
India
Working Schedule
Full-Time
Work Arrangement
Hybrid
Relocation Assistance Available
No
Posted Date
23-May-2024
Job ID
3103

Description and Requirements

 

The team performs the MetLife’s User Access Certification by running campaign as per certification cycle due on Access Central tool. Compliant to IT Risk and Security by providing access to users limited to their job profile. Participate in SOX/ SAS 70 audits for artifacts validation and clearance. Manage and answer emails received in the mailbox related to all Governance activities run under IAM and access Central Tool navigation.

 

  • Testing of users and entitlements across all the applications used in MetLife
  • Participate in SOX/ SSAE18/ SOC2 audits for artifacts validation and clearance
  • Segregate users of these applications into various risk categories
  • Certify their access for appropriateness For Audit
  • Create Segregation of Duties (SOD) Matrix for each application
  • Deleting users with inappropriate access from the application
  • Performing check on all the terminated users and their access to various applications
  • Perform testing across all platforms/ infrastructures and for Brighthouse and DXC users

 

Job Responsibilities

  1. Responsible for gathering correct information from application owner / contact to create security profile for the application used in MetLife
  2. Conducting meetings to achieve the requirement for Global Governance Review
  3. Prepare and upload the certification workbook on Access Central and send email to certifying managers for user certification decisions ( Keep / Delete )
  4. Creation of Segregation of Duties (SOD) matrix post receiving certification decisions from certifying managers
  5. Identification of system, functional and duplicate accounts in the application and perform certification campaign for their certification
  6. Timely follow up with the certifying managers to provide certification decision in time to avoid revocation of access
  7. Prepare and share Evidence Summary File with the application owner and seek approval if deemed appropriate before the campaign ends
  8. Open and keep track of archer finding for greater than read access users in the application