Our client is looking to hire an Access Control Analyst that will review authorization and access control systems used to administer access privileges for internal IT customers and external business partners. This position will be responsible for the initial assignment, ongoing oversight and modification, and disabling/termination of access control authorizations. This includes the evaluation and definition of roles, the assignment of individuals to these roles in a manner that enforces Least Privilege, the allocation of appropriate authorizations and privilege to individuals, and the ongoing evaluation of the assigned accesses including log review/reporting to verify access with data and system owners. The analyst will evaluate access requests and will work with various factions including the Service Desk, IT Risk Management and Engineering areas, and with the business to verify the validity of the request and grant the appropriate access. This role will work within the IT Risk Management team to ensure that the physical and logical stability, reliability, confidentiality, and integrity of the Access Control environment is in accordance with established policies, procedures and guidelines. ESSENTIAL FUNCTIONS:
Maintain the Identity Management lifecycle. Allocates privileges and authorizations based on business request balanced with fundamental principles of risk management including least privilege and separation of duties. Ensures that additions, changes, and terminations to authorization are carried out properly and on a timely basis.
Provide reporting of accesses granted and authorizations approved within a documented, auditable environment to ensure confidence in the level of allocated privileges, in a clear and easily reviewable manner. Prepare metrics and reports on access as appropriate for senior management and audit review.
Work with management to support Development, QA, Infrastructure, and Business Support teams in implementation of access controls to support the business need for access to systems and applications.
Recognize the need to create new roles and define new privilege levels, identify new capabilities and technologies that may help provide controls, and ensure a timely and complete review of revoked authorizations to ensure a secured environment. Work cooperatively with applicable organization units to inspect, amend, and restrict access to protected information as appropriate. Review and respond to risk review as needed.
Manage multiple priorities effectively. Maintain clear and efficient communications with management and customers.
Respond to issue escalation and service interruption with the intent to ensure secure access. Provide actionable after-incident analysis to ensure root cause issues are logged and remediated.
Maintain effective external relationships with vendors, consultants, and service providers through Management; leverages these relationships to ensure that the best fit solutions and resources are available to the firm.
ESSENTIAL QUALIFICATIONS: The position will require a technical and motivated individual with previous computing systems experience or an equivalent degree. They will maintain clear and efficient communications both with technical peers and management, so must be able to communicate access control status and provide auditable documentation to management. They will be enforcing Individual Accountability, and must have experience in adhering to Least Privilege and Change Management disciplines. Required skills/competencies:
Working Knowledge of Identity Management, Authentication / Authorization and Log Collection systems.
Knowledge of Active Directory and MS Exchange
Ability to monitor access control reports and address security violations
Experience with current best practices in IT standards, principles, and security
Excellent technical documentation skills
University degree in Computer Science or Related Field Experience.
Excellent communication, interpersonal, and mentoring skills
Knowledge of LDAP and Active Directory, strong authentication, or access oversight
Working knowledge of financial industry.
Knowledge of Enterprise Authorization and Password Vaulting systems
Awareness of core Networking concepts including TCP/IP, DHCP, DNS, VPN, MFA
Participate in business continuity planning, testing, and implementation.
Knowledge of Admin/root access capabilities and RUNAS/SUDO or permanent root access rules, as well as experience with User and Service accounts.
At least 1 year experience in Computer Systems privileges administration