Ir para o conteúdo

  • Locais de publicação: Noida, India

Arranjo de trabalho
Tempo integral
Modelo de Trabalho
Assistência de realocação disponível
Data de publicação
ID da vaga

Descrição e requisitos



The team performs the MetLife’s User Access Certification by running campaign as per certification cycle due on Access Central tool. Compliant to IT Risk and Security by providing access to users limited to their job profile. Participate in SOX/ SAS 70 audits for artifacts validation and clearance. Manage and answer emails received in the mailbox related to all Governance activities run under IAM and access Central Tool navigation.


  • Testing of users and entitlements across all the applications used in MetLife
  • Participate in SOX/ SSAE18/ SOC2 audits for artifacts validation and clearance
  • Segregate users of these applications into various risk categories
  • Certify their access for appropriateness For Audit
  • Create Segregation of Duties (SOD) Matrix for each application
  • Deleting users with inappropriate access from the application
  • Performing check on all the terminated users and their access to various applications
  • Perform testing across all platforms/ infrastructures and for Brighthouse and DXC users



Job Responsibilities


  1. Responsible for gathering correct information from application owner / contact to create security profile for the application used in MetLife
  2. Conducting meetings to achieve the requirement for Global Governance Review
  3. Prepare and upload the certification workbook on Access Central and send email to certifying managers for user certification decisions ( Keep / Delete )
  4. Creation of Segregation of Duties (SOD) matrix post receiving certification decisions from certifying managers
  5. Identification of system, functional and duplicate accounts in the application and perform certification campaign for their certification
  6. Timely follow up with the certifying managers to provide certification decision in time to avoid revocation of access
  7. Prepare and share Evidence Summary File with the application owner and seek approval if deemed appropriate before the campaign ends
  8. Open and keep track of archer finding for greater than read access users in the application



Knowledge, Skills and Abilities




  • IT Graduate
  • IT Risk and Security knowledge
  • MS Office




  • 3 years of Experience of IT Risk & Security Audit & Compliance
  • Hands on work experience in User Entitlement Certifications
  • Must process problem solving, planning, and analytical skills to drive continuous improvements



Knowledge and skills (general and technical)

  • Thorough knowledge of User Entitlement and Certifications
  • Exposure to IT Archer Findings
  • Exposure to Active Directory Console and Quest
  • Exposure to enterprise share-point
  • Intermediate MS Office skills



Other Requirements (licenses, certifications, specialized training – if required)

  • Certified Identity Management Professional (CIMP) preferred
  • Cloud Identity and Access Manager (CIAM) Certification desirable


Working Relationships


Internal Contacts

(and  purpose of relationship):


  • All Internal GOSC Stake Holders


External Contacts

(and purpose of relationship) – If Applicable


  • Stateside Client/ Engineers from different regional Security teams (Such as Country/Regional Head for Monitoring/Containment)