Job Information
Jostens Security Analyst - Identity Access Management in Santiago, Dominican Republic
JOB TITLE: Security Analyst - Identity Access Management (IAM)
GENERAL DESCRIPTION OR PURPOSE OF JOB:
The Security Analyst - Identity Access Management (IAM) role analyzes, administers, maintains, and monitors secure system and application accesses to internal resources for employees, affiliates, and external customers, in accordance with established security policies, controls and standards. This role ensures access to systems is provisioned with the concept of least privilege. Ensure quality of access processing and identifies/develops processing efficiencies. Ensures the completeness and accuracy of all identity management and provisioning systems in accordance with established Standard Operating Procedures, security policies, controls, and standards. Responsible for evaluating access management systems to show continued improvements of provision processes and operations. In addition to working closely with IT and the Business, this role will have regular interaction with Legal, HR and internal/external auditors.
RESPONSIBILITIES / ESSENTIAL FUNCTIONS:
Oversee user access administration.
Manage and resolve internal end user tickets for user access in compliance with identity and access management policies, standards, and procedures.
Successfully work with end users and system administrators to troubleshoot and resolve end user access issues.
Responsible for the lifecycle management of enterprise end user accounts in various enterprise applications and services such as Active Directory, Oracle, and Cloud Environments.
Manage access controls, permissions, and integrations.
Review IAM roles/permissions, network and file share access privileges.
Work with business to create and maintain role-based access controls for user accounts.
Engage with Business Stakeholders to validate who needs access to which assets (file servers, network shares, and data stores), validate roles, assign roles to permissions.
Work with application owners in validating the permissions and IAM integrations.
Consult with application owners to integrate new applications into the identity access management system and maintain existing applications.
Conducts quarterly access reviews for key systems and partners with system/business owners to ensure evidence and results comply with regulatory requirements.
Lead and support the execution of access controls including Active Directory audits, privileged access reviews and segregation of duties controls.
Provide support for emergency provision/de-provision requests and special investigations.
Strengthen process improvement and procedure documentation.
Identify and pursue process improvement, automation, and application integration opportunities.
Collaborate cross-functionally with the business to improve IAM processes and support the presence of the IAM programs within the company.
Ensure that IAM process and workflow documentation is created and maintained.
Provide cross-training on defined identity and access management procedures.
Document application permissions and IAM integrations. Work directly with auditors to explain the control environment and coordinate the fulfillment of evidence/documentation requests and remediation efforts.
Typical/Expected % Of Overnight Travel: < 5% (less than 3 weeks/year)
Required:
Passion. Understanding of latest access management methods such as OAuth, OIDC, SOAP/Rest APIs, WS models, Authentication, and access flows.
Technical skills. Experience with access models such as RBAC and ABAC. Significant knowledge of common identity stores and IAM related solutions such as Active Directory, Oracle, Okta, Duo and other IAM tools.
Attention to detail. Extensive experience in documentation of security and functional use cases. Extensive experience in the analysis of access management and verification systems.
Documentation. Ability to document existing design, feature sets and gaps in authentication system implementations.
Great communication skills. Ability to communicate technical information in understandable business terms.
Experience. 3-5 years in an Information Security or Information Technology role; 1-2 years in IAM.
Education. Bachelor’s degree in Information Security, Computer Science, Information Management Systems, or related work experience.
Preferred. Experience working with cloud platforms (AWS, Azure). Certifications such as CompTIA Security+, SSCP, CISSP, CISA, CISM or equivalent.