Senior IS Access Management Analyst Miami, Florida
The Senior Information System Access Analyst is responsible for leading the identity and access management program and standards for delivering of enterprise-wide identity and access for employees and vendors to the organization's core systems and applications. Will also be responsible for completing access requests and ensuring timely handling, monitoring departmental queue for requests and ensuring work product is in compliance with Policy, Standards and Procedures, as well as providing guidance and mentoring to IS Access Management Analysts team members.
Duties and responsibilities include:
- Serve as access management subject matter expert (SME) as the main point of contact for access management needs of all systems and applications. Responsible of assisting IT Teams in the implementation of access management controls for new systems and applications.
- Responsible for provisioning/de-provisioning of access to applications, infrastructure and operating systems as per established Policy, Standards and procedures. Including any reporting needs from access management documentation prepared for Internal and External audits and reporting of compliance with information security policies, procedures, guidelines and regulatory requirements.
- Responsible for updating and resolving request tickets and managing queue to ensure timely settlement of assigned user requests and issues as outlined by Service Level Agreements.
- Well versed with following processes: New Hire On-Boarding, Employee Off-Boarding, Department Transfers, Access Remediation, and Privileged Access.
- Responsible for review and quality control verification and validation of access changes to SOX, Critical and Non-critical applications.
- Assist with troubleshooting and problem analysis by working with other teams, vendors or users in diagnosing and resolving users access issues.
- Analyze requests to various business systems and applications, including creation, deletion and modification of access within business roles and groups, as required.
- Provide guidance and support to enhance the organization's employee job profiles and ensure accuracy of employee job profiles.
- Lead the development of monthly metrics and indicators and in the remediation Information Security action plans.
- Understand information security principles in order to help secure the Bank's information assets.
- Adhere to and comply with all applicable, federal and state laws, regulations and guidance, including those related Information Security.
- Identify, evaluate, monitor and make any recommendation(s) deemed necessary to CISO in order to assess, reduce, eliminate or control any current or prospective risks to earnings or capital arising from violations of, or nonconformance with, laws, rules regulations, prescribed practices, internal policies and procedures or ethical standards.
- Remain informed of job-related issues through networking, training programs, seminars and trade publications.
- Work the designated shift between 7:00AM and 7:00PM weekdays and on call after hours.
- Perform other duties when assigned.
Minimum Education and /or Certifications:
Bachelors' Degree in Computer Science, Information Technology, Management Information Systems or similar discipline or 5 years' experience in Information Technology/Security or equivalent Information Security Certifications: MSCE, CCNA, etc.
Minimum Work Experience Requirements:
- 5 to 7 years of work experience in in IT and information security, access management, technical support and customer service.
- A minimum of 2-3 years of related experience with user provisioning and de-provisioning.
Technical and/or Essential Knowledge:
- Knowledge of Information Security standards and best practices.
- Advance understanding of modern Identity & Access Management concepts and best practices required.
- Proficient with Active Directory, Microsoft Exchange, service request management systems.
- An understanding of financial services industry core banking applications, including good knowledge of IBM AS/400 systems.
- Skills in evaluating risk and communicating it in a fact-based manner.
- Experience with databases such as SQL Server and Oracle. Demonstrate experience on how access is controlled and managed.
- Advanced knowledge of infrastructure security, including Windows, Unix/Linux, desktop/laptop, and mobile security.
- Advanced skills to set work priorities and make independent decisions regarding system access configurations for core systems and applications, and provide recommendations.
Physical Demands: Air-conditioned office. Sitting at workstation 85%; lifting and carrying equipment 5% of the time.
This position requires some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.