Refine and execute the Group-wide IAM strategy and roadmap, aligning with business objectives, regulatory frameworks, and the Group’s cybersecurity strategy.

• Ensure IAM and PAM remain critical business enablers while reducing risk and maintaining regulatory compliance.

• Lead a multi-country IAM structure, managing cross-border teams, vendors, and system integrators.

• Present regular updates to executive committees, boards, and regulators on IAM posture, risks, and performance.

• Oversee the end-to-end Joiner-Mover-Leaver lifecycle across all entities, ensuring automated provisioning, seamless role transitions, and timely de-provisioning.

• Integrate IAM controls with HR systems, core banking platforms, Active Directory, cloud services, and third-party fintech partners to deliver automated identity workflows.

• Maintain role catalogues, entitlement matrices, and Segregation of Duties (SoD) frameworks while driving high levels of automation to reduce manual errors.

• Own the configuration, customization, and scaling of the Group’s IGA platform.

• Prioritize onboarding of critical applications (core banking, payments, SWIFT, treasury, internet banking, HR/ERP, SaaS) into the IGA platform.

• Implement role-based access control (RBAC) and least privilege policies across all systems and deliver executive dashboards on users, entitlements, SoD conflicts, and exceptions.

• Define and lead the Group PAM strategy to secure administrator, root, and other privileged accounts.

• Deploy, configure, and manage PAM tools, ensuring central control and password vaulting/rotation for all privileged credentials.

• Implement Just-in-Time (JIT) provisioning and privileged session monitoring to minimize standing privilege and improve auditability.

• Conduct periodic access recertification campaigns and standardize review processes for managers, role owners, and application owners.

• Ensure compliance with diverse regulations, including central bank guidelines, GDPR, PCI-DSS, ISO 27001, and local data-protection laws across all operating countries.

• Maintain audit-ready documentation and provide evidence to internal/external auditors, remediating findings promptly.

• Operate centralized access request and approval processes for employees, contractors, and third parties with self-service portals and automated approval workflows.

• Enforce least privilege and SoD controls across on-premises, cloud, and fintech partner ecosystems.

• Manage a dedicated team to ensure all access requests are fulfilled within agreed SLAs.

• Define and maintain IAM and PAM policies, standards, and control requirements.

• Integrate IAM risk scoring into the Group’s enterprise cyber-risk framework.

• Partner with enterprise risk, cybersecurity, compliance, and internal audit to manage IAM risk holistically.

• Continuously monitor global IAM trends to embed modern practices such as Zero Trust and cloud-native IAM.