Head of Access Management Control
At a Glance
- Category
- 🏦 Finance & Banking
- Level
- C-Level
- Type
- Full-time
Are You Getting Through?
- Find out if ADIB's ATS is filtering your CV
- Get AI-rewritten bullet points
- Download Gulf-ready CV
60 seconds. $5.88 one-time.
Role: Head of Access Management Control
Location: Abu Dhabi
Role Purpose:
To lead, govern, and continuously enhance the Access Management Control framework across the bank by driving robust Identity Access Management (IDAM) practices, strengthening Segregation of Duties (SoD), and embedding automation, enhancing controls, and governance standards. The role ensures effective stakeholder engagement, regulatory compliance, and optimization of access lifecycle processes across UAE and international operations.
To work with stakeholders in enhancing access management processes, controls and onboarding new applications in Identity Access Management tool (IDAM) and enhance the reviews process, SOD and implement Role Mining as per standard matrices.
To advise and support the business units in establishment and maintaining an adequate Role-Based Access profiles across their operating systems in ADIB UAE and International expansion, this will help demonstrate segregation of duties and authorized system activities according to job roles and responsibilities.
To supervisory review of user's definition and systems access process including setting-up new applications, applying the change requests of parameterization/configuration, creating new profiles or groups and maintain the existing profiles, groups, privileges/access rights and users.
Support and participate in new systems, enhanced processes, new initiatives, centralization of activities and handle assigned tasks by Head of BCM&ICD.
Key accountabilities of the role:
Governance & Control Framework
- Establish and continuously enhance the Access Management Governance Framework, aligned with regulatory expectations and internal policies (RCSA, audit, compliance).
- Ensure effective implementation of Segregation of Duties (SoD) and principle of least privilege across all systems.
- Lead periodic RCSA reviews, control testing, and assurance reporting for Access Management.
- Drive closure of audit findings, regulatory observations, and control gaps related to IAM.
- Define and enforce access lifecycle controls (joiner, mover, leaver, privileged access, periodic certification).
- Establish governance over third-party / managed service access controls, ensuring periodic validation and monitoring. Automation & Digital Enablement
- Drive and own automation roadmap for Access Management, including:
- IDAM platform enhancements
- Workflow digitization and straight-through processing
- Automated access certification and SoD checks
- Role mining and intelligent access profiling
- Lead development of dashboards and MIS reporting (KPIs/KRIs) to provide real-time control visibility.
- Collaborate with IT to embed preventive controls within systems (automated validations, system-enforced SoD).
- Promote data-driven decision-making using analytics for access anomalies, trends, and risk indicators.
Information Security & ITD Collaborations
- Work closely with GISD and ITD to:
- Define and enhance enterprise-wide IAM strategy and standards
- Onboard new applications into IDAM in a controlled and timely manner
- Define and maintain SoD rulebooks and access risk matrices
- Implement role mining frameworks and optimization strategies
- Ensure alignment with GISD on:
- Information Security policies impacting access management
- Privileged Access Management (PAM) controls
- Identity governance best practices
- Act as the primary interface between Operations, GISD, and ITD for IAM-related initiatives.
- Support GISD in implementing security-driven enhancements and ensuring compliance with bank-wide security standards.
Access Management Operations
- Oversee end-to-end User Access Management (UAM) operations, including:
- Access provisioning, modification, and revocation
- Review and approval of access requests and changes
- Maintenance of profiles, roles, and security groups
- Supervise onboarding of new applications, including:
- Defining UAM baseline requirements
- Performing system testing and control validation pre-implementation
- Plan and execute periodic access reviews and certifications.Team Management & Capability Building
- Lead and manage the UAM / IJAM team performance, including:
- Goal setting, performance reviews, and coaching
- Capacity planning and workload allocation
- Build a strong control culture within the team, ensuring adherence to policies and procedures.
- Develop team capabilities through:
- Training programs (IAM, SoD, tools, regulatory expectations)
- Knowledge sharing and continuous learning initiatives
- Drive succession planning and Emiratization support, where applicable.
- Ensure consistent quality, timeliness, and compliance across all deliverables.
Continuous Improvement & Transformation
- Identify and eliminate manual inefficiencies and redundant controls.
- Lead process re-engineering initiatives to improve turnaround time and control effectiveness.
- Benchmark against industry best practices and implement enhancements accordingly.
- Support centralization and standardization initiatives across geographies.
Specialist Skills / Technical Knowledge Required for this role:
Strong expertise in Identity & Access Management (IAM / IDAM) frameworks, including user lifecycle management (Joiner–Mover–Leaver), role-based access control (RBAC), and identity governance
Proven experience in Access Management Governance frameworks, including RCSA, control testing, audit engagement, and regulatory compliance
Hands-on experience with IDAM tools and platforms (e.g., ServiceNow, IAM suites, workflow tools), including application onboarding, access certification, and role mining.
Advanced stakeholder management and communication skills, with ability to engage Business, ITD, GISD, Risk, Audit, and Compliance functions effectively
Demonstrated leadership and team management capability, including performance management, coaching, and capability development
Strong process improvement and re-engineering skills, with the ability to identify inefficiencies and drive standardization and control optimization.
Previous experience required (if any):
12–15 years of progressive experience in Access Management, Identity & Access Management (IAM), and IT Controls, preferably within banking or financial services.
Proven experience in leading enterprise-wide Access Management or IAM functions, including governance, control design, and operational oversight.
Requirements
- •Experience in leading and governing Access Management Control frameworks
- •Knowledge of Identity Access Management (IDAM) practices
- •Expertise in Segregation of Duties (SoD) and principle of least privilege
- •Ability to lead periodic RCSA reviews and control testing
- •Experience in driving closure of audit findings and regulatory observations
- •Experience in establishing governance over third-party/managed service access
- •Ability to collaborate with IT and Information Security departments
Responsibilities
- •Establish and enhance the Access Management Governance Framework aligned with regulatory expectations
- •Ensure effective implementation of SoD and least privilege across all systems
- •Lead periodic RCSA reviews, control testing, and assurance reporting
- •Drive closure of audit findings, regulatory observations, and control gaps related to IAM
- •Define and enforce access lifecycle controls (joiner, mover, leaver, privileged access)
- •Establish governance over third-party / managed service access controls
- •Drive automation roadmap including IDAM platform enhancements and workflow digitization
- •Lead development of dashboards and MIS reporting (KPIs/KRIs) for real-time visibility
- Find out if ADIB's ATS is filtering your CV
- Get AI-rewritten bullet points
- Download Gulf-ready CV
60 seconds. $5.88 one-time.
ADIB is a leading Islamic bank offering a wide range of banking and financial services. It serves individuals, corporations, and government entities.