Ann Arbor, MI – Hybrid – 3 days/week on-site Tues – Thurs Remote Mon/Fri
Overview
As our client continues to mature the Information Security program, they recognize the value of an Information Security Analyst focusing on Identity and Access Management (IAM), as one of the key enablers of such a program.
The position is a critical member of the Information Security team. The role will report directly to the Sr. Manager, Information Security – Governance, Risk & Compliance, and will work closely with various Information Security personnel in the organization. The role is also expected to establish a strong working relationship with various team members.
The position will play an integral role in our client's Governance, Risk and Compliance program, focusing on our IAM function. The role will work closely with the IAM Lead, as well as with other team members in the Governance Risk and Compliance (GRC) team and broader Infosec team. The position is expected to collaborate in a positive manner with other functions within the Technology department and other business units.
The candidate is expected to have some level of knowledge and experience in information security, information technology, and business field.
Responsibilities And Duties
- Provide technical support to customers, and stakeholders who need assistance utilizing Identity and Access Management control(s) in accordance with established or approved process components.
- Provide general upkeep and support of the IAM platform.
- Work closely with the internal and external auditors on SOX activities.
- Provide support to teams during security events, execute analysis, and provide accurate and timely feedback.
- Present technical information to technical and nontechnical audiences.
- Serve as an internal consultant and advisor in own area of expertise (e.g., Identity and Access Management).
- Develop or assist in the development of policies and protocols for IAM requirements.
- Assist with program activities and education campaigns, ensuring Domino's human resiliency against cyber-attacks (phishing, social engineering) as well as establishing safe user behavior and culture.
Required Core Competencies
The team member in this role is expected to possess the relevant competencies:
- Follows through on commitments, acts with integrity and takes personal responsibility for decisions, actions, and failures, establishes clear responsibilities and processes for monitoring work and measuring results.
- Assumes positive intent of others, works cooperatively with others across the organization to achieve shared objectives, represents own interests well while being fair to others and their areas, partners with others to get work done, credits others for their contributions and accomplishments, gains trust and support of others.
- Shows personal commitment and acts to continuously improve, accepts assignments that broaden capabilities, demonstrates curiosity and openness to differences, new ideas and thinking, demonstrates vulnerability, including a willingness to ask for help or acknowledge mistakes.
- Gains insight into customer needs, identifies opportunities that benefit the customer, builds, and delivers solutions that meet customer expectations, establishes, and maintains effective customer relationships.
- Partners with others to get work done.
- Promotes information sharing, collaboration, and transparency.
- Aligns and supports leadership strategic directives and contributes to team's objectives.
Required Technical Skills
- Ability to communicate complex information in a clear, concise, and organized mannger. Demonstrates skill in managing client relationships and expectations and demonstrating commitment to delivering quality results.
- Ability to apply critical thinking to evaluate information for reliability, validity, and relevance. Ability to function in a collaborative environment, seeking consultation with analysts and experts to leverage technical expertise.
- Ability to understand cybersecurity's impact on organization and how to apply cybersecurity principles to organizational requirements (relevant to confidentiality, integrity, availability).
- Knowledge of Sarbanes-Oxley (SOX) requirements, including IT General Controls, Application Controls, and SOD testing.
- Knowledge of risk management processes, cybersecurity and privacy principles, and cyber threats and vulnerabilities.
- Ability to dissect a problem and examine the interrelationships between data that may appear unrelated.
- Knowledge of applicable business processes and operations.
- Knowledge of new and emerging IT, cybersecurity technologies, security issues, risks, and vulnerabilities.
- Ability to communicate complex technical information in an easily understandable manner to fit the audience's level of expertise in the topics. A good communicator and presenter.
- Ability to produce technical documentation.
Qualifications
- A bachelor's or master's degree in Computer Science, Information Technology, Business Administration, or other related field; or 3-5 years equivalent work experience.
- 1-2 years of general information technology work experience (more than 1 year of information security work experience in Identity and Access Management (IAM) is preferred for this role.
- Candidate should have exceptional troubleshooting and problem-solving skills.
- Candidate should be able to work in both group settings and independently.
- CISSP, CISA, CISM, CRISC, or other relevant certifications is desired, but not required.
