Job Description

As our Access Management Lead, a new position within the Enterprise Technology Controls Team, your primary focus is to support the Director of Enterprise Technology Controls to drive the compliance and improvement of the User Access Management strategy and manage and enhance Informa’s access controls to ensure they remain effective.

You will have a strong understanding of the general IT controls relating to the domain of access of programs and data, and the Shared Service Organisation Process Control environment, including the Risk and Control Matrices, to understand the business risks that are presented, and how these are can be appropriately mitigated by the use of access controls.

You will ensure that the Group policies are adhered to for the applications within the remit of the Enterprise Technology Controls Team, and that the access controls are operated effectively to reduce or fully mitigate identified risks.

The IT control’s function expanded, and the current Enterprise Technology Controls team was established in 2020 to provide Informa management with the continued assurance over the effectiveness of the company’s General IT Controls. The team originally only provided assurance over the 2 financial ERPs SAP, and Oracle, but since its creation it has continued to evolve and is now taking responsibility for other peripheral SAP and Oracle applications, along with coordinating the IT audit with our External Audit Partners. The team sits as part of the Technology Solutions and Services (TSS) Group under the Enterprise Technology team, reporting into the Chief Enterprise Technology Officer (CETO) but with dotted responsibilities to the Chief Information Security Officer (CISO) and the Chief Technology Operating Officer (CTOO).

Key interactions

You will report into the Director of Enterprise Technology Controls and will work closely with our 3rd party support providers Mindtree and IBM; liaising frequently with other internal controls teams, as well as Internal Audit, Information Security and IT Compliance to ensure that Informa’s enterprise applications maintain a controlled environment that does not encumber the efficiency of operational activity. This role does not have any people management responsibilities.

Key Outputs and Outcomes

Design and enforce access controls to ensure compliance with key group policies, such as the Identity and Access Management policy to enforce the Principle of Least Privilege Support building awareness of user access management standards across TS&S, including participating in overall design, support management of policies and provide user access management recommendations for companywide projects. Responsibility and ownership for maintaining and enhancing the Segregation of Duties rulesets, collaborating with the SAP GRC Technical Specialist and the Oracle Controls Lead to manage ruleset updates, driving changes to ensure risk alignment and eliminate any false positives Drive the Segregation of Duties assessments for role changes and new developments, and manage the cross-system Segregation of Duties across the Enterprise Technology applications landscape Support the management and operation of the SAP Governance, Risk and Compliance (GRC) tool. To run and interrogate access risk analysis reporting for SAP and Oracle across the current role design and end user assignments via ARA reporting and User/Role simulations. Actively seek opportunities for access control improvements such as the use of automation and new technologies that would benefit Informa Responsibility for operating the user access reviews process across the Enterprise Technology Applications Support security requirements gathering and analysis for in scope applications Provide 1st line support to internal and external partners, assisting with their review of the access management controls Be a trusted guide and support for other internal teams in designing effective access controls, including providing training where required Development and maintenance of access control procedures Provide support for any User Access Control incidents Seek opportunities to ensure that personal user access management and controls knowledge is kept up to date and remains current.

Measures of Success

Strong, robust and consistent access controls operation across Enterprise Technology applications Continue to see a reduction in user access management related incidents Positive audit results and a continued reduction in the deficiencies being noted

Qualifications

Practical knowledge of General IT controls and security principles essential, including change management procedures and access controls Proven experience of access control management essential A minimum of 2 years of related work experience in a multi-national company A motivated self-starter who can prioritise and work autonomously as well as being a team player. Good knowledge and understanding of business process risks across Purchase to Pay, Order to Cash, Record to Report and Hire to Retire gained within a Shared Service Centre Organisation or CoE operating model Relevant security qualification preferred (CC, CompTIA Security+, SSCP etc) or demonstrated technical capability at this level. Systematic and logical in approach Ability to carry out tasks within set time limits whilst providing an excellent level of service to all Informa customers and colleagues.  Solid record of managing large scale process changes with a continuous improvement mindset Enthusiasm and desire to further knowledge in user access management strategies, controls and procedures

Additional Information

We work hard to make sure Life at Informa is rewarding, supportive and enjoyable for everyone. Here’s some of what you can expect when you join us. But don’t just take our word for it – see what our colleagues have to say at 

Our benefits include;

Freedom & flexibility: colleagues rate us highly for the flexibility and trust they receive and most of us balance time in the office with time working remotely  Great community: a welcoming culture with in-person and online social events, our fantastic Walk the World charity day and active diversity and inclusion networks • Broader impact: take up to four days per year to volunteer, with charity match funding available too. Career opportunity: the opportunity to develop your career with bespoke training and learning, mentoring platforms and on-demand access to thousands of courses on LinkedIn Learning. When it’s time for the next step, we encourage and support internal job moves. Time out: 25 days annual leave, rising to 27 days after two years, plus a birthday leave day and the chance to work from (almost!) anywhere for up to four weeks a year A flexible range of personal benefits to choose from, plus company funded private medical cover A ShareMatch scheme that allows you to become an Informa shareholder with free matching shares Strong wellbeing support through EAP assistance, mental health first aiders, a healthy living subsidy, access to health apps and more Recognition for great work, with global awards and kudos programmes  As an international company, the chance to collaborate with teams around the world

We’re not solely focused on a checklist of skills. We champion energy and ambition and look for colleagues who will roll their sleeves up, join in and help make things happen. If it sounds like a match and you have most – although not all – of the skills and experience listed, we welcome your application. At Informa, you'll find inclusive experiences and environments where all perspectives and backgrounds are welcomed. As part of this approach and our diversity and inclusion commitments, we are also formally an Equal Opportunities Employer. This means we base decisions on relevant qualifications and merit and do not discriminate on the basis of key characteristics and statuses, including all of those protected by law. Ask us or see our website for full information.