As the Lead Information Security Analyst, the candidate is responsible for providing thought leadership to the User Assess Management support team. This includes the day to day operational support of the User Access Management Automation solutions. This also includes expanding the current capability of the access review solution to provide users access validation to additional applications. The candidate must have experience working as a member of a team to achieve a common objective and also be capable of working independently with limited supervision. The candidate must have a proven track record of delivering quality security services on time. Solid knowledge of security access management processes and tools required to support a successful security services system is required. This position involves working closely with teams in other information security disciplines, as well as IT infrastructure, and operations areas.
- Provide input to improve the Role Based Access Control (RBAC), entitlement review and certifications process; Generate innovative ideas and challenge the status quo
- Participate in Level 2 support for user access and provisioning service.
- Manage the access review and testing of user’s access to ensure that users only have appropriate access to perform their assigned job duties.
- Demonstrate security control over business processes, internal controls, risk management, IT controls and regulatory standards
- Document processes relating to identity and access management
- Identify opportunities to improve automation processes
- Perform other work-related duties as assigned
- Bachelor’s degree in Management Information Systems Network Security, Computer Science or a related discipline or equivalent combination of education/work experience.
- At least 5 years of IT security experience.
- Previous Experience with access review and compliance testing experience
- Previous Experience with working with an IAM automation tool.
- Excellent customer service skills.
- Have interpersonal skills to deal effectively with all business contacts.
- Professional appearance and demeanor.
- Work varied shifts, including weekends and holidays.
- Able to effectively communicate in English, in both written and oral forms.
- Familiar with governance and compliance concepts, practices and procedures, which includes but is not limited to PCI-DSS, ISO, MICS, SOX and CObIT
- Experience with Sailpoint tool
- CISSP, CISA and/or QSA