Information Security Analyst
Our Dallas based client is looking to add to their growing organization! Individuals within the Identity and Access Management role plan, execute, and manage multi-faceted projects related to identity and access management. They are focused on developing and driving security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization. These individuals provide expertise and assistance to ensure the company's infrastructure and information assets are protected.
Individuals develop and implement security policies and procedures surrounding a variety of IAM capabilities such as provisioning, SSO, privileged access management, access certifications, password management, etc. They analyze identity data and remediate open IAM issues. They update, maintain and document security controls and provide direct support to the business and internal IT groups. These professionals work directly with the customers, third parties and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk. They also communicate and educate IT and the business about security policies and industry standards, and provide solutions for enterprise/business security issues.
location: Carrollton, Texas
job type: Contract
salary: $50 - 65 per hour
work hours: 9am to 5pm
PRIMARY DUTIES AND RESPONSIBILITIES:
· Works on security initiatives/issues for one or more IT functional area (e.g., applications, systems, network and/or Web) across the enterprise.
· Develops security solutions for medium to complex assignments.
· Works on multiple projects as a team member and leads systems-related security components.
· Develops, refines, and implements enterprise wide security policies, procedures, and standards to meet compliance responsibilities.
· Supports service-level agreements (SLAs) to ensure that security controls are developed, managed and maintained.
· Monitors compliance with security policies, standards, guidelines and procedures.
· Assists in the development of processes and procedures for the information security governance program, including control document reviews, participant assessment preparation, meeting coordination, assessment finding mediation, assisting control owner with remediation plan development, tracking findings through remediation, progress monitoring, reporting and escalation.
· Works with customers to identify security requirements using methods that may include risk and business impact assessments.
· Analyzes business processes and business requirements to determine conformance to security policies and procedures.
· Provides security-related guidance on business processes.
· Participates in designing secure infrastructure solutions and applications.
· Performs data analytics on a variety of access-related data (accounts, entitlements, profile details, etc.).
· Follows up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
· Provides security support for application- and infrastructure-related projects to ensure that security issues are addressed throughout the project life cycle.
· Engages application teams to help define identity solutions with the SAP CDC solution (authentication, self-service IAM, SSO).
· Identifies and resolves root causes of security-related problems.
· Works with teams to resolve issues that are uncovered by various internal and third party monitoring tools.
· Collaborates on projects to ensure that security issues are addressed throughout the project life cycle.
· May guide users on the usage and administration of security tools that control and monitor information security.
EXPERIENCE AND EDUCATIONAL REQUIREMENTS:
· Bachelor's Degree in Computer Science, Information Systems or other related field, or equivalent work experience
· Typically has 3-5 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design and administration and 1-2 years of experience with IT security
· Desired professional certification in technical security areas
skills: MINIMUM SKILLS, KNOWLEDGE AND ABILITY REQUIREMENTS:
· Understanding of DMZ, networks, load balancers, firewalls, security certificates etc needed.
· Preferred to have knowledge of SAP CDC platform
· Requires knowledge of security issues, techniques and implications across all existing computer platforms
· Strong computer skills in order to operate effectively with company systems and programs; working knowledge of applicable computer applications
· Good analytical and problem solving skills
· Ability to communicate effectively both orally and in writing
· Good interpersonal skills
· Ability to prioritize work load and consistently meet deadlines
· Strong organizational skills; attention to detail
· Demonstrated sound understanding of at least 1 and general of an additional 2 of the following standards such as ISO 27001/27002, COBIT, ITIL, NIST and PCI
· Certification in at least 1 Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP) and/or equivalent business experience in a matrix Organization required
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.