Job Summary and Objective of the Position:
The Director II of Security Administration will set the overall strategy of the team, manage the team members and function, and establish procedures that will ensure that system access is granted appropriately to reduce risk, comply with regulatory requirements, and help to establish an efficient method for access provisioning.
Primary Job Functions:
- Develop the leadership skills of the Team Lead
- Manage the individual team members regarding reviews, goal-setting, expectations, etc.
- Establish and communicate direction and processes to properly handle requests in a way that both complies with audit requirements and fulfills requests in a reasonable length of time
- Collaborate with other managers of IT and business units on the provisioning of user access for new projects
- Meet with internal and external auditors regarding the granting and termination of user access
Strategy & Planning:
- Provide strategic leadership for the Security Administration function.
- Contribute to overall Information Security department strategy.
- Constantly seek ways to improve efficiency and challenge team members to submit ideas.
- Responsible for accurate and efficient use of identity management tools.
- Provide guidance to team members regarding the handling of requests and other team functions
- Provide guidance to team on specific matters regarding audit compliance and information security policy
- Run reports to determine the number and nature of incoming requests
- Conduct regular team meetings
- Conduct inactive account and non-expiring password reviews
- Other tasks as needed
Work Experience, Education, Certification / Training Required:
- Baccalaureate degree in MIS, Computer Science, or other related technical field required; Masters degree in MIS, Computer Science, or other related technical field preferred
- Minimum of seven years of experience working in Information Technology; minimum of three years of experience working with Microsoft Active Directory.
- Minimum of four years of direct Information Security experience, preferably in access control.
- Minimum of three years management experience preferred.
- Recognized certifications in Information Security preferred (CISSP, CISA, GIAC, etc.)
Knowledge, Skills and Abilities Required:
- Deep understanding of access control methods, networks, file shares, mainframes, databases and widely used security administration tools.
- Ability to multi-task
- Ability to understand both high-level strategy and ground-level operations in Information Security
- Ability to improve processes
- Good communication skills required both oral and written
- Ability to interact with technical and non-technical associates
- Ability to work independently as well as part of a team