Address
SalaryAs a member of the Identity and Access Management (IAM) team, the Senior Info Security Consultant will be responsible for the day-to-day operations, governance and oversight of Identity & Access Management (IAM) program with an emphasis on Access Control and Segregation of Duties (SoD) reviews. The Senior Info Security Consultant will work closely with lines of business, technology, risk and Enterprise Security Services partners to manage periodic Access Control and SoD compliance and regulatory reviews to ensure compliance with relevant regulations and standards such as Sarbanes-Oxley (SOX), Payment Card Industry (PCI DSS), etc
ESSENTIAL JOB FUNCTIONS
- The candidate will need to have experience with access control design and reviews for common resources, such as Windows, Linux, Databases (i.e. SQL Server, Oracle, DB2), network appliances and mainframe.
- Facilitate identification, documentation and mitigation of Access Control and SoD risks with business process owners and stakeholders, through annual business process questionnaire completion and follow-up.
- Partner with Business Process Risk Identification Program to provide/update content for stakeholder training on roles relating to SoD processes and annual certification, and lead change management initiatives related to SoD program.
- Perform validation of access controls within Sailpoint Identity Governance Administration
- Handle troubleshooting and issue resolution related to IAM processes, ensuring the smooth functioning of the Identity and Access Management program.
- Enhance and maintain IAM operating model to include roles and responsibilities IAM risks
- Manage and update metrics (e.g. KRIs, KPIs) to track and report risks and report metrics to senior management?.
- Champions and maintains effective communication with lines of business and technology groups
- Participate in technology and line of business projects.
REQUIRED QUALIFICATIONS
Education/Certifications: Bachelor's Degree or equivalent work experience required.
Experience:
- Three to five years of experience in technology-related auditing, consulting, programming, and/or operational banking experience
- Identity and Access Management experience or background, with experience in Sailpoint a plus
- Subject matter expert knowledge of both the business and technical aspects of security and technology
- In-depth knowledge of security and technology, with strong understanding of risk management.
- Ability to make decisions based on prior experience in a large enterprise environment and solid understanding of the technologies and risks involved.
- Works autonomously and demonstrates solid Key leadership competencies; organized, leads others towards common outcomes and execution
- Demonstrates strong critical thinking and problem solving skills to understand and analyze complex business processes and technologies to make sound recommendations
- Possess strong written, verbal, and presentation skills
- Ability to effectively communicate with lines of business and technology groups at all levels of the organization
- Strong understanding of risk management with ability to identify and assess risks and issues and manage to resolution
- Ability to create and implement new processes and procedures
- High level of business acumen, preferably in a regulated/financial industry
- Strong risk-based analysis and decision making skills
Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services.
Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
