Job Description :
Provide Role Based Access Control (RBAC) analysis, design and implementation expertise within the company''s IAM Infrastructure; collaborating with lean purposed IAM Software Development team to refine and expand the adoption of a semantically logical and comprehensive RBAC framework;
Collaborate with Business Intelligence & Analytics groups; leveraging Tableau data visualization software for role-mining analysis, and dashboard-ing executive overview reporting;
Collaborate with IT Governance, Risk & Compliance group to expand and improve access certification using industry standard Product solutions (Sailpoint, OIG, Dell One)
Documenting business requirements gathering and documentation for the design and implementation of an RBAC framework
Providing Business Analyst support, drafting business requirements documentation for clients, as well as system integrations and operational support for User Access review campaigns.
Ability to provide leadership to junior staff work efforts.
EDUCATION Required:
Bachelor’s Degree in Information Security, Information Systems, Information Assurance, Computer Science or related field
Substitutions:
Bachelor’s Degree in another field and 7 years of Information Security, Governance, Risk and/or Compliance, Information Technology or Business Analysis
Preferred:
Master’s Degree in Computer Science, Information Security or related field
EXPERIENCE:
Required:
5-10 years of experience with Information Security and Risk Management with a focus on Role LifeCycle Management
2-5 years of experience with Information Technology
2-5 years of experience developing, communicating and presenting Information Security and Risk Management concepts to varying audiences
Preferred:
2-5 years of experience with Information Security and Risk Management with a focus on Product type companies
Experience working within an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework
In-depth understanding of network security architecture, network and networking protocols
LICENSES AND CERTIFICATIONS:
Preferred
Certified Information Systems Security Professional (CISSP)
ITIL
Security +
SKILLS:
Knowledge of HITRUST CSF, NIST 800-83 cyber security framework, PCI, HIPAA, HITECH, COBIT, ISO 27001/2, and ITIL
Role Analytics background
Proficient in manipulating and querying databases/SQL
Fluent in scripting, building and running queries
Knowledge of NIST Risk Assessment methodology
Familiarity with secure SDLC best practices
Knowledge of Microsoft Apps and Suites, Windows server, SharePoint, etc.
Strong teamwork and inter-personal skills
Adaptable and resilient: able to shift direction while remaining productive. Maintains focus in the face of challenge.
Consultative: skilled listener, prepares recommendations to client problems, adopts a customer first mindset, partner with internal and external project teams to drive results.