Iam (Identity and Access Management) Operations Analyst

Singapore, SG Full-Time Techology

Marex has unique access across markets with significant share globally both on and off exchange. The depth of knowledge amongst its teams and divisions provides its customers with clear advantage, and its technology-led service provides access to all major exchanges, order-flow management via screen, voice and DMA, plus award-winning data, insights and analytics.

The Technology Department delivers differentiation, scalability, and security for the business. Reporting to the COO, Technology provides digital tools, software services and infrastructure globally to all business groups. Software development and support teams work in agile ‘streams’ aligned to specific business areas. Our other teams work enterprise-wide to provide critical services including our global service desk, network and system infrastructure, IT operations, security, enterprise architecture and design.

**Role Summary**:
The IAM Operations analyst role is responsible for managing and supporting the systems, processes, and tools used to handle the identity lifecycle, authentication, authorization, and access control within an organization’s IT infrastructure.

The IAM Operations analyst collaborates with multiple teams within IT, including security, infrastructure, and support teams, to manage identity-related processes, troubleshoot access issues, and ensure compliance with internal and external regulatory requirements.

**Overall Responsibilities**

**Role Specific**:

- IAM Strategy & Implementation: Design and implement a robust IAM framework aligned with security best practices and business needs.
- User Access Management: Oversee user provisioning, deprovisioning, and role-based access control across multiple systems and regions.
- Security & Compliance: Ensure adherence to regulatory requirements (e.g., GDPR, SOX) and internal security policies.
- Reporting and Documentation: Maintain thorough documentation of user access policies, and audit logs for internal and external reporting purposes.
- Role based Access control assessment (RBAC): Ensure role definitions are clear and users are only assigned the necessary rights to perform their role in the organization in order to minimize risk of excessive or inappropriate permissions.
- Stakeholder Engagement: Work closely with IT, security, and business leaders to align IAM initiatives with organizational goals.
- Incident Management: Lead investigations into access-related security incidents and recommend remediation measures.
- Training and awareness: Ensure staff understand user access policies, procedures and security awareness.
- Ensure high priority requests are handled efficiently and in compliance with the IAM guidelines and SLA’s.
- Manage the IAM Team, carry out annual appraisals ensuring that all team members are meeting their performance targets and delivering high-quality support to clients.
- Close monitoring of the relevant Jira queues, managing and updating of Jira tickets within agreed SLA’s.

**Other Responsibilities**:

- Ensure compliance with the company’s regulatory requirements under the FCA.
- Adhere to the operational risk framework for your role ensuring that all regulatory or company determined parameters are complied with.
- Role model for demonstrating highest level standards of integrity and conduct and reflecting Company Values.
- At all times comply with the FCA’s Code of Conduct.
- To ensure that you are fully aware of and adhere to internal policies that relate to you, your role or any other activities for which you have any level of responsibility
- To report any breaches of policy to Compliance and/ or your supervisor as required
- To escalate risk events immediately
- To provide input to risk management processes, as required.

**Competencies, Skills and Experience**

**Essential**
- Technical Expertise: Understanding of IAM tools (e.g., Okta, SailPoint, CyberArk, Azure AD) and technologies such as SSO (Single Sign-On), MFA (Multi Factor Authentication), and role-based access control (RBAC).
- Security Knowledge: In-depth knowledge of security concepts like least privilege, identity governance, and privileged access management (PAM).
- Compliance Awareness: Familiarity with regulations such as GDPR, SOX, HIPAA, and industry standards like ISO 27001.
- Problem-Solving Skills: Ability to identify and address IAM-related security issues and access violations, along with implementing effective solutions.
- Communication Skills: Ability to work with cross-functional teams (IT, security, legal) and communicate complex IAM concepts to both technical and non-technical stakeholders.
- Analytical Skills: Ability to assess and review user access data, audit trails, and IAM configurations to ensure compliance and security.

**Desirable**
- Experience working in a regulated environment and knowledge of the risk and compliance requirements associated with this.

**Competencies**
- Strategic Vision: Ability to design and implement