Job description
Company Description
Zillion Technologies Inc. - (ZTI) is a global business consulting and technology solutions provider. Zillion delivers innovative business solutions that give clients a competitive edge.
Job Description
Job Title: Sr. Technical IAM Analyst
Job Location: Remote
About The Job:
The Client Contingent Worker program is seeking a Senior Analyst, Identity and Access Management (IAM). Assignment reports directly to the Manager, Identity and Access Management (IAM). This role is a key member of the information security team and is responsible for the design and operations of key identity and access management controls at Sandy Spring Bank. The IAM controls are essential to ensure access is granted on a least privilege basis to all internal and cloud-based systems. IAM controls compliance with internal policies and external regulations are a critical part of Sandy Spring providing services to its customers while protecting their personal information. The scope of the IAM program includes internal infrastructure systems and applications, and Software as a Service (SaaS) applications. The Senior Analyst, IAM will ensure identity and access management controls in SSB are effective in their operation and will lead efforts to define and implement control improvements that reduce risks and increase efficiency.
Areas of Focus:
· Develop and operate a comprehensive identity and access management program to address the following key control needs:
o Identity Lifecycle Management, Automated Provisioning and Reconciliation
o Auditing, Reporting and User Activity Monitoring
o Access Certification of access to in-scope resources
o Segregation of Duties
o Break Glass, Password vaulting
o Privileged Access Management
o SaaS access reporting for access reviews
o Single Sign On
· Identify enhanced IAM capabilities and control process requirements and evaluate automation tools that will be necessary to implement them. Work with vendors and infrastructure engineering to install and configure the selected toolset.
· Develop, maintain, and implement IAM policies, IAM standards and standard operating procedures. Work with first line information security teams, second line technology risk teams, human resources and business application owners to define and implement controls that meet information security program policy, risk management and regulatory requirements.
- Manage end user and system accounts, user access groups, roles and entitlements using applicable tools and applications.
· Manage, report, and facilitate access certification across all business areas of Bank.
· Define a process for and support the onboarding of new vendors, systems and technology products in order to ensure that all IAM policies are met in a consistent manner.
- Liaise with regulators, second line risk teams and Internal Audit teams as part of responding to their requests to walk through control processes and to gather and present evidence of control operation.
· Ensure that significant findings related to IAM control effectiveness are remediated timely. Self-identify issues when applicable and identify dates for remediation.
· Collaborate directly with senior members of SSB Business and IT to execute on a roadmap for uplifting the maturity of SSB IAM processes as part of the Information Security program.
· Provide regular reporting with metrics on the status of the IAM processes and liaise with internal audit, external regulatory examiners to demonstrate the design, operation and effectiveness of all IAM controls.
· Secure access to SaaS systems leveraging cloud native tools and built in SaaS service capabilities.
· Integrate IAM controls with devops processes at SSB.
· Support a 24⁄7 coverage schedule by rotating with other team members including weekends.
Qualifications
KNOWLEDGE, SKILLS, AND ABILITIES:
· Bachelor’s degree in Information Security, Computer Science, Management of Information Systems, or related field required.
· Minimum 10 years’ equivalent transferrable job-related experience. For example, experience in IT, Info Sec, Business Analysis, or related fields.
· Minimum of 5 years’ experience in Identity and Access Lifecycle Management Operations and Controls, Identity Governance Administration using Sailpoint. Application onboarding processes and integration.
· Minimum of 3 years’ experience in Access reviews, Role Owner Reviews, Access Group reviews, SOX Access Controls, Privileged Account Access Reviews.
· Minimum of 3 years’ experience supporting MS Active Directory Domain Services, Azure Active Directory, AD FS and Active Directory Connect.
- Minimum of 2 years’ experience supporting Privileged Identity Management Processes (CyberArk, BeyondTrust, Thycotic etc.)
- Preferred minimum of 1 year’s operations experience specifically with CyberArk PAM.
- Experience with Single Sign-On (SSO) and Multifactor Authentication (MFA).
- Preferred minimum of 1 years’ experience in scripting (PowerShell, JSON, and Python etc.).
· Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
- Demonstrated understanding of information security policies, standards, and industry leading practices.
· Demonstrated experience with operating processes and procedures that align with controls for Sarbanes Oxley, FFIEC, ISO 27001⁄2, FISMA or National Institute of Standards and Technology (NIST) CSF is required.
· Self-driven, detail-oriented, with excellent written and verbal communication skills, interpersonal and collaborative skills
· High level of personal integrity, as well as the ability to professionally handle confidential matters and procedures.
· High degree of initiative, dependability and ability to work with limited supervision.
Additional Information
Thanks & Regards,
Praveen Kumar,
Sr. Recruiter
Zillion Technologies Inc
E-mail: praveen(at)zilliontechnologies(dot)com
Phone: 571-814-3745
