Job Application

We are AMS. We are a global total workforce solutions firm; we enable organisations to thrive in an age of constant change by building, re-shaping, and optimising workforces. Our Contingent Workforce Solutions (CWS) service partner with Tesco Bank to support contingent recruitment hiring.

On behalf of Tesco Bank, AMS are now looking for an Access Management Specialist to work in their Access Assurance team based in Glasgow/Edinburgh.

There is flexibility around office attendance for candidates based further out (once/month for example). This is an initial contract up to October 2024. An extension is currently being sought for this contract length.

Tesco Bank prides itself on their range of simple and convenient retail banking and insurance products designed specifically to meet the needs of Tesco customers. They believe that every little help makes a big difference, and by putting the customer first and rewarding their loyalty, they are offering something they believe every bank should.

Job description - the role

Primarily you will be working from a work stack of improvement actions in the access space. You will be key to ensuring that Tesco Bank operate an effective control environment for their Identity & Access Cyber Security Controls.

The work will include specialist support for Access Management implementations within Technology to identify operationally where proportionate controls should be applied to reduce risk, improve security, and comply with Policy & Standards. This activity will span On-Premises, Cloud hosted/SaaS applications & infrastructure including the extension of existing Role Based Access models, entitlement certification processes and Privileged Credential Storage where gaps are identified.

Additionally, the role may include ensuring effective Access Management controls are in place within other areas of Technology through engagement with Projects that are delivering new or changed Technology.

The role presents the opportunity to interact with Business Application owners and their teams, Technology Platform teams & SMEs within Access Management/IT Security, Risk & Control.

Key Activities

1. Engagement with Project Management/Oversight & Access/Security teams.
2. Recommending Access Control Remediation/Implementation Activity.
3. Tracking implementation of Access Controls on a per application basis.
4. Ensuring Controls implementation will pass independent assurance tests.

Candidate Profile: Key accountabilities, skills & experience

• Knowledge of Access Management fundamentals (eg Role Based Access, concepts of Least Privilege/Toxic Combinations, Entitlement reviews etc. Levels of Privilege/Segregation of Duties etc.)
• Ability to confidently lead a privileged access review, engage with application SMEs and to report findings, recommendations and track these through to remediation.
• Ability to understand technology entitlements and assist teams in designing appropriate Role Based Access Models.
• Knowledge of wider Cyber Security Controls (Structure, Assessment etc.)
• Good communication and influencing skills.
• Previous of experience of working on Technology Infosec Access Management programmes within a regulated authority (financial services, healthcare, etc.).

Why Tesco Bank?

At Tesco Bank everyone is welcome, we value our people and diverse teams and believe the variety of backgrounds and experiences make us stronger in achieving our goals. It's important to us that we make sure you're supported by your team and colleague networks every day, celebrating when it matters and helping you to be the best version of yourself. The people make Tesco Bank, and we take pride in what we achieve together.

Next steps

If you are interested in applying for this position and meet the criteria outlined above, please click the link to apply and we will contact you with an update in due course.

Our client will only accept workers operating via an Umbrella or PAYE engagement model.

Please note that for the duration of this assignment you will be working as an external resource engaged by AMS.