Analyst I – Identity and Access Management

Analyst I – Identity and Access Management

Requirements

• Bachelor’s degree in Computer Science, Information Systems, or an equivalent combination of education, training, or work experience
• Typically requires up to three (3) years of combined IT and security work experience with a broad range of exposure to systems analysis, applications development, and database design and administration
• Experience with Active Directory database
• Must have general knowledge in networking, databases, systems, and/or Web operations
• Requires general understanding of security issues, techniques, and implications across at least one computer platform.

Responsibilities

• Develops and manages security for business units across the enterprise to prevent hackers from compromising company systems and information.
• Develops and implements security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures, and use of firewalls and encryption routines).
• Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.
• Enforces security policies and procedures by administering and monitoring security profiles; reviews security violation reports; investigates possible security exceptions; and updates, maintains, and documents security controls.
• Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.
• Provides direct support to the business and IT staff for security-related issues.
• Educates IT and the business about security policies and consults on security issues regarding user built/managed systems.
• Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues.
• Performs other related duties as assigned.
• Works under general direction or on IT security projects as a project team member.
• Works on simple to moderately complex security issues or projects that require basic to increased skill in one or more IT functional areas.
• Requires rotational on-call support.

Preferred Qualifications

• Knowledge of ICE business environment and the ability to evaluate information security risk implications.
• Knowledge of relevant legal and regulatory requirements.
• Knowledge of common information security management frameworks.
• Experience working with a diverse range of data sources/streams and managing these effectively.
• Excellent analytical, decision-making, and problem-solving skills.
• Ability to develop partnership-oriented relationships with business executives and functional leaders, especially as it relates to operations and technology.
• Background in security operations, processes, solutions, and technologies.
• Understanding of policy, compliance, and best practice security principles.
• Working knowledge of Linux, Windows, and Network Operating Systems.
• Knowledge of infrastructure, key processes, and technology-oriented risk issues, specifically around security and privacy.
• Experience with enterprise risk assessment methodologies.
• Must be able to multitask in a fast-paced environment with focus on timeliness, documentation, and communications with peers and business users alike.
• Ability to communicate well both verbally and in writing to technical and non-technical audiences of various levels within ICE or outside the organization (executives, regulators, clients, etc.)
• Results oriented, business focused, and successful at interfacing across multiple organizational units.
• Must have general knowledge in networking, databases, systems, and/or Web operations.
• Professional certification such as CISSP, CISM, etc. is strongly preferred.