IAM Control Operations Analyst at Cigna

Job Description

(adsbygoogle = window.adsbygoogle || []).push({}); Cigna is a global health service company, dedicated to helping the people we serve improve their health, well-being and sense of security. Cigna has almost 40, employees who service over 80 million customer relationships around the world. Within its international division, a dedicated unit – headquartered in Belgium – focuses on the needs of International Organisations. This unit is specialised in servicing customers in remote areas as well as central hubs with five service centres in each time zone (Miami, Antwerp, Madrid, Nairobi and Kuala Lumpur) and local representations on every continent. When you work at Cigna, you can count on a different kind of career. > > Why join us? Healthy careers Cigna gives you the opportunity to grow and develop professionally and personally. Because we know our success begins with yours. Healthy returns We offer you monetary and non-monetary rewards. Our compensation is differentiated among employees based on responsibilities and performance. Healthy culture We stand for a work environment that includes the beliefs, values, norms, and management style of our company. Communication is key to our culture. Healthy life We show commitment to our employees’ health, well-being and security, with a strong focus on wellness.

Mission Statement

At Cigna, we’re more than a health insurance company. We’re a global health service company. Identity and Access Management is an integral part of IT whose mission is to enforce the principle of Least Privilege through regular Reviews and other Technical Access Controls while preserving Compliance for testing by external auditors.

Essential Duties and Responsibilities

The Identity Governance Management Analyst will be responsible for the design, development, and execution of Identity Access Reviews, Entitlement Management, and RBAC. Access Controls are operated to enforce the principle of Least Privilege and meet stringent regulatory requirements. These controls are tested by external auditors for accuracy and completeness which requires flawless and consistent execution. The Identity Governance Management Analyst will also be responsible for building and presenting control execution evidence to auditors while looking for opportunities to improve control execution for improved completeness, accuracy, and efficiency. You will work from our Nairobi offices, in close collaboration with team members in the UK and Kuala Lumpur. We expect you to work at least 40% from a Cigna office, the rest of the time you can work from home. You will be involved in the transition from RSA Lifecycle and Governance to Saviynt Cloud.

Responsibilities include, but are not limited to, the following:

Assess authentication and authorization schemas with application/system (SME) Subject Matter Experts. Educate system SMEs on the regulatory eco-system and communicate how individual applications and systems interact with each other. Assist systems owner SMEs in the identification of regulatory scope in their environment. This includes but is not limited to identifying environments, servers, user population, system functions, and permissions. Document positive and negative attestation of system scope. Document in-scope accounts and their effective permissions in preparation for Access Reviews. Analyze the business need of current accounts and effective permission sets. Support the design, implementation, and use of Entitlement Management capabilities in Access Management tools. Upload system data into Identity Governance tools. (Identity what data is uploaded. Validate the correctness of the data. Check frequency data gets renewed.) Execute Access Reviews manually and within Identity Governance tools. Manage user, privileged, and Service Accounts Support provisioning and termination controls Document and maintain Standard Operating Procedures

Job Specific Core Competencies

Hands-on experience in Identity and Access Management tools such as Saviynt and RSA Lifecycle and Governance, CyberArk, and Active Directory Experience with application entitlements and Role Based Access Controls Knowledge/Experience in SOX/SOC1/SOC2 Compliance Controls and information security best practices Experience with soliciting and documenting detailed business/audit requirements Basic experience working in the fields of Identity and Access Management and Privileged Access Management. Active Directory SQL – Oracle Okta Familiar with managing stories on Jira boards Excellent written and verbal communication skills with a customer focus. Ability to work with a variety of internal and external stakeholders Supportive, customer focused Reporting and documentation Proactive and positive mindset

Education/Experience Requirements

Education

Bachelor degree in Computer Science, Cyber Security, Information Technology, Information Sciences, or equivalent educational or professional experience and/or qualifications

Work Experience

2 years experience in all aspects of computer operations or an equivalent combination of education and work experience Preferred: 2-4 years in developing, implementing, and/or operating IAM systems and controls