IAM (Identity Access Management) Operations Analyst

Marex is a diversified global financial services platform, providing essential liquidity, market access and infrastructure services to clients in the energy, commodities and financial markets. The Group provides comprehensive breadth and depth of coverage across four core services: Market Making, Clearing, Hedging and Investment Solutions and Agency and Execution. It has a leading franchise in many major metals, energy and agricultural products, executing around 50 million trades and clearing 205 million contracts in 2022. The Group provides access to the world’s major commodity markets, covering a broad range of clients that include some of the largest commodity producers, consumers and traders, banks, hedge funds and asset managers. Marex was established in 2005 but through its subsidiaries can trace its roots in the commodity markets back almost 100 years. Headquartered in London with 36 offices worldwide, the Group has over 1,800 employees across Europe, Asia and America. Marex has unique access across markets with significant share globally both on and off exchange. The depth of knowledge amongst its teams and divisions provides its customers with clear advantage, and its technology-led service provides access to all major exchanges, order-flow management via screen, voice and DMA, plus award-winning data, insights and analytics.

The Technology Department delivers differentiation, scalability, and security for the business. Reporting to the COO, Technology provides digital tools, software services and infrastructure globally to all business groups. Software development and support teams work in agile ‘streams’ aligned to specific business areas. Our other teams work enterprise-wide to provide critical services including our global service desk, network and system infrastructure, IT operations, security, enterprise architecture and design.

The IAM role will sit within the technology group and primarily will be responsible for users access management across our full stack of technology supported applications. The IAM Operations analyst role is responsible for managing and supporting the systems, processes, and tools used to handle the identity lifecycle, authentication, authorization, and access control within an organization’s IT infrastructure. The IAM Operations analyst collaborates with multiple teams within IT, including security, infrastructure, and support teams, to manage identity-related processes, troubleshoot access issues, and ensure compliance with internal and external regulatory requirements.

Responsibilities:

• IAM Strategy & Implementation: Design and implement a robust IAM framework aligned with security best practices and business needs.
• User Access Management: Oversee user provisioning, deprovisioning, and role-based access control across multiple systems and regions.
• Security & Compliance: Ensure adherence to regulatory requirements (e.g., GDPR, SOX) and internal security policies.
• Reporting and Documentation: Maintain thorough documentation of user access policies, and audit logs for internal and external reporting purposes.
• Role based Access control assessment (RBAC): Ensure role definitions are clear and users are only assigned the necessary rights to perform their role in the organisation in order to minimise risk of excessive or inappropriate permissions.
• Stakeholder Engagement: Work closely with IT, security, and business leaders to align IAM initiatives with organizational goals.
• Incident Management: Lead investigations into access-related security incidents and recommend remediation measures.
• Training and awareness: Ensure staff understand user access policies, procedures and security awareness.
• Ensure high priority requests are handled efficiently and in compliance with the IAM guidelines and SLA’s.
• Manage the IAM Team, carry out annual appraisals ensuring that all team members are meeting their performance targets and delivering high-quality support to clients.
• Close monitoring of the relevant Jira queues, managing and updating of Jira tickets within agreed SLA’s.

Skills and Experience:

Essential

• Technical Expertise: Understanding of IAM tools (e.g., Okta, SailPoint, CyberArk, Azure AD) and technologies such as SSO (Single Sign-On), MFA (Multi-Factor Authentication), and role-based access control (RBAC).
• Security Knowledge: In-depth knowledge of security concepts like least privilege, identity governance, and privileged access management (PAM).
• Compliance Awareness: Familiarity with regulations such as GDPR, SOX, HIPAA, and industry standards like ISO 27001.
• Problem-Solving Skills: Ability to identify and address IAM-related security issues and access violations, along with implementing effective solutions.
• Communication Skills: Ability to work with cross-functional teams (IT, security, legal) and communicate complex IAM concepts to both technical and non-technical stakeholders.
• Analytical Skills: Ability to assess and review user access data, audit trails, and IAM configurations to ensure compliance and security.

Desirable

• Experience working in a regulated environment and knowledge of the risk and compliance requirements associated with this.
• Strategic Vision: Ability to design and implement IAM strategies that align with business goals and security needs, both in the short and long term.
• Problem-Solving: Proficient at identifying complex IAM challenges and developing creative solutions to address them efficiently.
• Stakeholder Engagement: Strong communication skills to interact with senior leadership and other business units, ensuring IAM strategies are aligned with organizational goals and security needs.
• Reporting and Documentation: Ability to clearly present IAM performance, risks, and audit results to senior leadership and regulatory bodies.
• Conflict Resolution: Capable of resolving conflicts related to access management policies or resource allocation with diplomacy and professionalism.
• Auditing and Compliance: Skilled in conducting audits and ensuring IAM systems and practices comply with legal and regulatory requirements.
• Incident Response: Ability to quickly and effectively respond to access-related security incidents, including breaches, unauthorized access, or policy violations.
• Crisis Management: Strong decision-making ability in high-pressure situations, ensuring access management processes remain secure and operational during a crisis.

If you’re forging a career in this area and are looking for your next step, get in touch! Marex is fully committed to being an inclusive employer and providing an inclusive and accessible recruitment process for all. We will provide reasonable adjustments to remove any disadvantage to you being considered for this role. We value the differences that a diverse workforce brings to the company. We welcome applications from candidates returning to the workforce. Also, Marex is committed to avoiding circumstances in which the appearance or possibility of conflicts of interest may exist within the hiring process. If you would like to receive any information in a different way or would like us to do anything differently to help you, please include it in your application.