Identity Governance Consultant

At Allianz, we’re proud to be named one of the Best Workplaces in Australia 2024 and a Great Place to Work. We’re one of the world’s leading insurance and asset management brands, with a workforce as diverse as the world around us, which is why we hire the very best people to further our commitment to securing the future for our people and customers.

We offer an inclusive workplace where everyone feels like they belong, while promoting a culture of lifelong learning, development, and global mobility. Join us and share your ideas, be inspired, give back to the community and feel proud to be a part an organisation doing meaningful work that matters while supporting sustainability, mental health, and well-being.

Let’s care for tomorrow, so we can create a better future together, for everyone.

The primary purpose of this role is to ensure that Identity and Access Management (IAM) practices adhere to governance frameworks, regulatory requirements and local and group IAM policies. This role is responsible for providing oversight and governance over IAM activities and the adoption of the Group IAM TOM and compliance with Group IAM policies and standards locally.

**About the role**

**Requirements gathering**:

- Conducting detailed analysis of current IAM processes and identifying opportunities to streamline and optimise processes.
- Providing pragmatic cyber risk advice regarding IAM-related risks, issues, incidents, and mitigating actions.

**Risk, Compliance, and Governance**:

- Developing and maintaining end-to-end identity governance processes and procedures.
- Developing, maintaining, and ensuring identity and access governance procedures efficiently and effectively meet access control objectives.
- Managing the investigation and remediation of any IAM-related audit findings reported by risk and following up with stakeholders as required.
- Ensuring that all IAM processes are being reviewed annually, incorporating updates and changes to align with local regulatory and Group IAM requirements.
- Providing governance over IAM activities, including setting the schedule for periodic reviews and defining local controls.

**Stakeholder Collaboration**:

- Providing guidance for the implementation of IAM tooling for Allianz Australia, ensuring capability meets IAM controls, policies, and procedures.
- Collaborating with the IAM Business Operations function, providing SME guidance on local IAM regulations, and preparing exception requests for Group IAM governance.
- Supporting the IAM Business Operations function to ensure that an Allianz Australia-specific SoD matrix is being defined and maintained, considering the group-wide defined minimum SoD requirements and additional Allianz Australia-specific SoD requirements.
- Collaborating with the Group Cyber Security community, liaising effectively with Allianz Australia IT and security operations teams, and contributing towards delivering Allianz Australia’s Cyber Strategy.
- Collaborating with stakeholders to develop and embed cybersecurity risk management practices.

**Monitoring and Reporting**:

- Developing and maintaining Cyber Security, Protection, and Resilience Dashboards, and preparing Management and Board Reporting.
- Continuously monitoring the IAM Dashboard for compliance with IAM policies and standards, reporting any identified access or Segregation of Duties (SoD) violation-related risks, and assisting in the investigation and remediation.
- Understanding the identity source of truth and streamlining access provisioning/de-provisioning, user access revalidation, approval processes, and reporting within the global and local IAM systems.

**About you**
- Bachelor’s degree in Cyber Security, a related field or comparable work experience.
- Excellent verbal and written communication skills, capable of communicating with clarity.
- At least 2-3 years of work experience in an IT governance role, audit or business analyst role, preferably in the field of Identity and Access Management or Cyber Security.
- Knowledge of cyber security regulatory requirements and standards.
- Understanding of IAM concepts, such as authentication, authorisation, provisioning, role-based access control, processes as well as security, risks and governance.
- Demonstrated ability to work in a team as well as independently.
- Self-starter, with the ability to plan and prioritise effectively, organise tasks and manage competing priorities and demands.
- Demonstrated ability to partner and collaborate effectively with stakeholders to establish strong professional relationships.
- Experience with incidents and request handling with a close contact to IT and business stakeholders.
- Understanding of Cyber Security frameworks e.g. NIST, Essential 8 is desirable.
- Outcome and customer focused with highly developed problem-solving skills, combined with and curious, creative, and critical thinking mindset.

**Benefits and perks**
- Inclusive Culture: Join a supportive, open-minded team fo