Job Description
This individual would have two primary roles within the IAM space - reporting and access reviews for SOX assets (MCITA reporting) and supporting the annual access reviews for lower risk rated applications (PRLite2.0).
The ideal candidate for this position has an in-depth knowledge of security and technology, with strong understanding of risk management. The candidate must be able to make decisions based on prior experience in a large enterprise environment and their solid understanding of the technologies and risks involved. Responsibilities will include participating in technology access control reviews and line of business projects. The candidate will need to have experience with access controls for common resources, such as Windows, Linux, Database such as SQL Server, Oracle, DB2, network appliances and mainframe. Other responsibilities might include identifying security risks, analyzing complex security issues, performing remediation efforts, creation/ownership of new security standards, providing security requirements and decisions. Functional knowledge of both technical and business aspects of security is highly desirable. Effective communication with lines of business and technology groups critical.
Job Description
Required Qualifications:
Bachelor degree or equivalent work experience
Three to five + years of experience including technology-related auditing, consulting, programming, and/or operational banking experience. IAM experience or background desired
Subject matter expert level expertise knowledge of both the business and technical aspects of security and technology
Strong broad-based technical background (distributed/mainframe, database, web based application development and/or Cloud)
High level of business acumen, preferably in a regulated/financial industry
Strong risk-based analysis and decision making skills Ability to make quick fact-based decisions Ability to work outside comfort zone Ability to understand and analyze complex business processes and technologies to make sound recommendations
Project management and/or project team member experience
Ability to multitask and manage competing priorities
Process management, time management and organizational skills
Excellent interpersonal, customer service and relationship management skills
Proven ability to effectively handle challenging clients and difficult political situations
Excellent written and verbal communication skills
Ability to create and implement new processes and procedures
Proficient use of Microsoft Office Suite Must be willing to work after-hours, overnights and weekends. On call rotation. Essential Job Function: Management of and approach to assignments:
> Provides corporate security consulting support to concurrent projects
> Acts as an owner for assigned work
> Maintains adequate documentation regarding decisions and work performed
> Escalates problems in a timely manner
> Documents processes, procedures, and best practices Analysis of work related topics and issues:
> Anticipates and addresses security needs/issues
> Provides security guidance and makes reliable security decisions with minimal supervision
> Interprets security policy and standards and consults on security variance requests
> Interprets policy and decisions variance requests
> Translates information security terminology into terms understandable to diverse groups Establishing and sustaining collaborative relationships:
> Partners and collaborates with KeyCorp business and technology groups to deliver value through security review, assessment and consulting services
> Interfaces with corporate technology and line of business areas
> May interface with internal and external audit partners
> Builds and sustains collaborative relationships with multiple constituencies Ability to lead from a non-leadership position and within a cross functional team
Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services.
Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.