IT Systems Access Officer at Mancosa

About the position

Introduction

MANCOSA, a DHET registered and CHE accredited private higher education distance education provider, offering undergraduate and postgraduate business qualifications, has the following vacancy available: IT Systems Access Officer

Duties & Responsibilities

The Systems Access Officer is responsible for managing, governing, and auditing user and privileged access across all MANCOSA IT systems. The role ensures access rights are assigned and revoked in a timely, secure, and auditable manner, supporting identity and access governance, regulatory compliance, and cybersecurity maturity. This includes managing access across a broad portfolio of systems such as SailPoint, Active Directory, Microsoft 365, Mimecast, Netskope, and multiple support and cloud platforms. The officer plays a vital role in reducing access-related risks by coordinating with infrastructure, application owners, internal audit, and external service providers.

Identity & Access Governance (IAM)
• Administer user provisioning and deprovisioning using SailPoint Identity Now.
• Implement and maintain role-based access control (RBAC) and segregation of duties (SoD).
• Manage joiner/mover/leaver processes in alignment with HR and compliance policies.

Privileged Access Management (PAM)
• Ongoing Management of privileged accounts
• Review, approve, and audit elevated access for IT administrators, database administrators, and third-party vendors.
• Monitor session recordings and enforce JIT access principles.

Access Reviews & Certifications
• Coordinate and conduct quarterly access reviews across key IT systems.
• Remediate non-compliance issues and report results to IT Management.
• Perform monthly PAM reviews and recertifications.

System Access Control
• Maintain access control matrices for all institutional systems.
• Approve and log access requests and changes via ITSM workflows.
• Document access levels and exception approvals for audit purposes.

Cloud & Endpoint Access
• Enforce MFA and conditional access via Azure AD and Intune.
• Validate device compliance for access to corporate resources.
• Audit inactive accounts and perform periodic cleanup.

Third-Party Access Management
• Track and manage access for suppliers, consultants, and external users.
• Ensure vendor access is temporary, contract-bound, and logged.

Security Monitoring & Audit Support
• Collaborate with security teams to investigate access-related anomalies.
• Respond to DLP, Secure Score, and SIEM alerts related to access violations.
• Support internal and external IT audits.

Policy Development
• Development and periodic review of MANCOSA Policies directly related to this role. Such as (Account management Policy, Access Control Policy, Audit Logging and Monitoring Policy, Third Party Access Policy)

End-User Support
TBA
• Will be required to provide occasional End User Support as needed

Desired Experience & Qualification

Essential qualification :

• Diploma or Degree in Information Technology or related field.

Essential experience :

• 3 years in identity/access management, IT support, or cybersecurity operations.
• Experience with SailPoint, Azure AD, Active Directory, Microsoft 365.
• Knowledge of IAM, PAM, SoD, and compliance frameworks (NIST, CIS, POPIA, ISO 27001).

Essential Job-Related Knowledge, Skills and Behaviour :

• Detail-oriented with strong organizational and documentation skills.
• Familiarity with ITSM systems (e.g., Freshdesk, ServiceNow).
• Analytical mindset and ability to handle sensitive data responsibly.
• Ability to communicate across technical and non-technical stakeholders.

Must be capable of working with visual and auditory input
Willingness to work overtime when required