Identity and access management (IAM) technologies and business processes enable the creation, maintenance, and use of digital identity — ensuring that the right people gain access to the right materials and records at the right time. The IAM program serves the needs of Schwab by implementing IAM best practices via technologies and methods that improve convenience and ease of access for workforce members while safeguarding records and other key data. IAM Controls Assurance & Review is focused on the validation and continuous operating effectiveness of centralized IAM processes, including establishing and leveraging data assurance processes for continuous monitoring, process improvement, and risk mitigation for Schwab.
What youre good at
The Staff, Controls and Process Improvement is responsible for delivery of process documentation with consistency across policy, standards, control descriptions, and detailed standard operating procedures. They will perform process analysis to identify areas where Robotic Process Automation (RPA) can be used to execute and record IAM activities. They will partner with the team’s process owners to create and maintain current, accurate, and comprehensive process documentation, including control evidence, for all centralized IAM processes.
Processes and responsibilities will include:
- Review existing process documentation and conduct simulated walkthrough with IAM owners.
- Analyze processes for opportunities to automate routine steps and deploy RPA.
- Update and/or draft process documents on a periodic basis for all relevant IAM processes.
- Submit drafts for review by stakeholders and IAM leaders, and revise based on feedback.
- Liase with peers in IAM Access Risk & Controls (ARC) to ensure consistency from highest level policy language to most detailed procedure descriptions.
- Maintain alignment among all documentation regarding risks and performance of controls.
What you have
- 2+ years of information technology experience, or access management experience.
- Experience with technical writing and/or process visualization software (e.g. MS Visio) in an Information Security organization
- Experience with RPA or process analysis software (e.g. UiPath, Alteryx)
- Demonstrated written and oral communication skills.
- Knowledge of access concepts (e.g. authentication vs. authorization, centralized vs. local authorization, roles vs. entitlements).
- Excellent analytical skills, including the ability to anticipate issues and design solutions.
- Demonstrated experience performing control evaluations within a complex environment.
- Preferred - Relevant professional certification (CISA, CISSP, CIA or equivalent).