At JTI we celebrate differences, and everyone truly belongs. 46,000 people from all over the world are continuously building their unique success story with us. 83% of employees feel happy working at JTI.
To make a difference with us, all you need to do is bring your human best.
What will your story be? Apply now!
Learn more: jti.com
Department: Global D&IT
Duty Post: Taguig City
Hiring Manager: AG-OPS SAP UNIT MANAGER
IAG Apps Authorizations Engineering Manager
He/She will provide security expertise as a part of the IAG Apps Authorizations Engineering team to contribute to producing the architectural design of permissions management globally via JTI's IAM system. Will be responsible for establishing and maintaining communication with business customers to contribute to collecting details related to application integration access management details, which should later be aligned to JTI IAM standards and translated into technical requirements for the IAG Solutions team. He/She Supports the build of the access map model, the incumbent will be supporting the process of producing effective designs and further development and maintenance of RBAC and ABAC models across the JTI's application portfolio via technical integration with MyAccess (SailPoint IIQ). Aside from the access modeling, it will support the design, delivery, and ongoing maintenance of recertification models, approval diagrams, lifecycle workflows, design and execution/offload of permissions compliance audits, and regular auditing of access controls.
As the IAG Apps Engineering Manager, you will:
Access Workflows and RBAC/ABAC Implementation and Maintenance:
Support the process of defining roles, permissions, and access levels based on job responsibilities. This involves mapping user roles to specific actions they can perform within the system. Contributing to creating workflows that align with RBAC policies (if applicable). Workflows resolve how users move through different stages of a process, supporting the processes of ensuring proper access at each step. Support the development of processes for users to request access and obtain necessary approvals. This includes defining workflows for access provisioning and de-provisioning
Lifecycle Maintenance
Maintenance of accesses provisioning and de-provisioning processes within the user’s entire lifecycle (JML) including recertification processes maintenance across all application landscapes connected tothe IAM system
Policies, Compliance, and Monitoring
Perform the activities associated with the daily role prescribed by the schedule and be aware of the schedule. Align with hub operation time. Respect scheduled breaks (lunch, etc.). Align with JTI Policies & Procedures, internal processes and SLAs, IT policies , and JSOX controls as specified in the JSOX Global Reference Model. Supporting the processes of regularly auditing access controls, reviewing permissions, and ensuring compliance with regulations within the IAM space. Policy Enforcement: Support the enforcementof IAG policies to ensure they are consistently applied. This involves monitoring access, detecting violations, and taking corrective actions. Documenting IAG rules, workflows, and procedures. Training users and partners on IAG principles and best standard processes is essential
Operational Improvements and Automation
Support the collaboration with IAG Operations and Solution teams, contribute into the process of routine task automation by driving the innovation for new workflow automation, update and correction of existing workflows. Identify possible improvements to the daily routine operations and share them with the team to evaluate and implement the most beneficial solutions. Closely work with other technical teams to leverage the usage of existing and any upcoming tools and systems that could be used to improve the overall operational and non-operation actives of the IAG group (conditional-based automated actions, operational process changes improving efficiency, process changes that increase the security, etc.)
Project Support
Provide project support for projects executed within the IAG group Take a proactive role in IAG Apps Authorizations Engineering-owned projects from their initiation to implementation, involve required stakeholder Be an integral part of any MyAccess integration projects with 3rd party systems/apps, collect and evaluate access-related requirements, and translate them in the form of DevOps stories for IAG developers to implement, ensuring that an efficient and secure lifecycle process is implemented. Ensure that JTI's policies and procedures are respected and new implementations are not damaging our security posture Participate in projects in an agile manner with the utilization of available technologies (like Azure DevOps)
Knowledge Management
Acquire and maintain the firm level of knowledge in accordance with group standards as a result of training and service experience, and knowledge-base usage. Actively seek new knowledge, and be aware of newly introduced policies and procedures. Apply in day-to-day operations, identify knowledge gaps, and make proposals for Knowledge base extension. Support the creation/maintenance of processes that result in end-users timely receiving access commensurate with their job responsibilities Follow the practice of documentation creation for new processes (manuals, procedures, audits, etc.) Apply updates to internal documents used by the team and KB articles in ITSP Stay up to date with technological and procedural changes within our team/group/company.
Requirements:
University Degree or equivalent experience
4 years of working experience in an IT area, preferably in the areas of access management and process/workflow design, security systems, in the areas of security application support, and customer service in a global environment.
Upper-intermediate English, and other languages are also desirable
Adequate analytical skills enabling him/her to contribute to the design of logical and secure access management workflows for any target systems with utilization of IAM solutions for global environments.
Proficient in data analytics with usage of available tools (e.g. MS Excel, Power BI etc.).
Supportive role in the design and execution of IT security controls and global standardization builds
Technical skills in the following:
Microsoft AD, ENTRA ID, Synchronization services, and AD/EntraID objects management
Objects management in Exchange/Exchange Online
File Server resources and access management
Practical usage of PowerShell
Security Training
Knowledge of SAP Security and Authorizations
Are you ready to join us? Build your success story at JTI. Apply now!
Next Steps:
After applying, if selected, please anticipate the following within 1-3 weeks of the job posting closure: Phone screening with Talent Advisor > Assessment tests > Interviews > Offer. Each step is eliminatory and may vary by role type.
At JTI, we strive to create a diverse and inclusive work environment. As an equal-opportunity employer, we welcome applicants from all backgrounds. If you need any specific support, alternative formats, or have other access requirements, please let us know.