Systems Security Analyst II

CITGO PETROLEUM CORPORATION

CITGO Petroleum Corporation is a recognized leader in the refining industry and operates under the well-known CITGO brand. CITGO owns and operates three refineries located in Lake Charles, LA.; Lemont, IL.; and Corpus Christi, TX, and wholly and / or jointly owns 38 active terminals, six pipelines and three lubricants blending and packaging plants. With approximately 3,300 employees and a combined crude capacity of approximately 807,000 barrels-per-day (bpd), positions CITGO as one of the best-branded supplier companies in the industry.

At CITGO our people are our most important resource.  Our core values are Safety, Integrity, Respect, Accountability, and Care.

Job Summary

This job will support both SAP GRC, Privilege Access Management and SailPoint Administration, playing a crucial role in the organization’s identity and access management strategy. This position requires a blend of technical expertise, business acumen and regulatory compliance knowledge.  Some of the key responsibilities are SAP GRC administration : Mange and troubleshoot SAP Identity Management, ensuring effective access & authorization design. Identity governance : Support IAM operations including Privileged Access Management (PAM) and Multi-Factor Authentication (MFA). SailPoint Administration : Implement and maintain IdentityNow systems.

Minimum Qualifications

A degree in MIS or Computer Science is preferred.

Minimum number of job related experience required : 5 years with a degree, 10 years in lieu of degree.

Certifications preferred. E.g., ( CISSP,CISM,CCSP, CIAM )

Excellent communications skills, both written and verbal, required.

Ability to work as part of a team, required.

Proficiency in SAP GRC tools & modules.

Familiarity with SAP Gui

Understanding of SAP HANA security concepts is a plus

Experience with SAP ECC, S / 4HANA, and related modules (FI, CO, MM, SD, HR) is preferred

Familiarity with Privileged access management interface such as Delinea is preferred.

Familiarity with Identity Management solution such as SailPoint ( IdentityNow) is preferred.

Understanding of directory services ( Active Directory, LDAP ), required.

Strong ethical framework to handle sensitive information responsibly, required.

Job Duties

• Seeking an SAP Basis / GRC Senior Analyst with a strong background in SAP system. Provide QA of SAP application changes prior to migration to Production. Handling daily operational activities of GRC landscape : Administration of SAP GRC configuration, rule sets, workflows and approvers for user provisioning, emergency access and access recertification. Participation in the implementation and support of SAP GRC (Governance Risk & Compliance) program. Provide training and support for GRC, policies and procedures, and security role design to users. Support team members on audit requests.  Interact closely with SAP application sub-teams and key business Subject Matter Experts.
• Privileged Access Management (PAM) : Implement and manage PAM solutions to secure privileged accounts. Monitor and audit privileged user activities. Implement just-in-time (JIT) and just-enough-access (JEA) principles. Manage and rotate privileged account credentials
• SailPoint Administration : Oversee the design, installation, integration and deployment of SailPoint products. Implement RBAC strategies and IAM concepts like least privilege and Segregation of duties

Collaboration and Communications : Work closely with team leads, peers, development teams, business analysts, and end users to ensure we have appropriate controls and protection. Provide guidance and training to staff on identity security best practices. Create and maintain documentation for identity-related processes and systems. Contribute to the development of the organization's identity security strategy.

Compliance & Continuous Improvement :   Conduct periodic access reviews and audits to ensure compliance with internal policies and industry regulations.  Comprehensive knowledge and experience with authentication standards and technologies. Extensive hands-on knowledge of identity and access management best practices and procedures. Develop scripts and automation to streamline identity management processes.  Evaluate and recommend new identity and access management tools and solutions. Regularly participate in new projects to learn new technologies and perform detailed feature and usability analysis based on vendor's offerings and business needs. Participate in operations and tactical planning within a team environment.

Job Duties II

Job duties displayed above are not all-inclusive, site-specific responsibilities may be assigned.

Here are the incentives we offer :

PLEASE NOTE ALL JOBS DO NOT QUALIFY FOR ALL PERKS

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.

Requisition ID - 1061