Security Analyst

Job Description

Job Description

Security Analyst PD :

Under the general review of the IT Solution Center (ITSC) Supervisor, this position supports and

maintains an Identity and Access Management (IAM) program and standards for ETF. This

position will guide the user access security environment consisting of Active Directory, 3rd

party Active Directory tools, Mainframe Resource Access Control Facility (RACF), legacy

application access, and technical Directory and Authentication Services of employees,

members, and vendors with the capability to support cloud and on-premises application

services. The position will also be responsible for Identity Governance Administration (IGA) to

maintain a secure and healthy user access environment for ETF. This position will provide

vendor oversight and brokerage of system and service access and will partner with DOA / DET to

support all enterprise IAM services provided to ETF. This position will also be responsible for

gathering and interpreting IAM metrics and data that will allow the agency to have a broad

understanding of the performance of this service.

The IAM Coordinator position duties will include user provisioning, on-boarding and off-

boarding processes, identity lifecycle and access management, user access changes, preparing

documentation and reviews for audits, acts as the point of contact for audit issues, and consults

with business units when implementing access level changes or implementation of new

systems. The position will ensure the quality and accuracy of user system access, will

recommend best practice service improvements, and will drive the enhancement process for

the IAM program to meet ETF’s business unit and strategic needs.

Knowledge on concepts of authentication, authorization, active directory policies, active

directory federation services (ADFS), and web filtering solutions (5 years)

Knowledge and skill to provide security administration in a mainframe environment. (5

years)

Knowledge in mainframe automation programing languages such as Resource Access

Control Facility (RACF) and Identity and Access Management systems, such as Cayosoft.

Preferred Skill)

Experience in access role development and maintenance and defining application level

roles / groups and permissions to ensure secure authentication and authorization

mechanisms are aligned with policies, standards, and best practices. (5 years)

Understanding of agency audit and compliance requirements. (Preferred Skill)

Experience with user administration, Active Directory and the user administration

functions of a wide variety of multi-user services applications. (5 years)

Strong interpersonal skills to effectively manage business relationships with internal and

external customers and business partners.

Effective time management skills.

Strong written and verbal communication skills.

Requirements

Top Skills & Years of Experience :

• Knowledge on concepts of authentication, authorization, active directory policies, active directory federation services (ADFS), and web filtering solutions (5 years)
• Experience in access role development and maintenance and defining application level roles / groups and permissions to ensure secure authentication and authorization mechanisms are aligned with policies, standards, and best practices. (5 years)
• Understanding of agency audit and compliance requirements. (2 years)
• Experience with user administration, Active Directory and the user administration functions of a wide variety of multi-user services applications. (5 years)
• Strong interpersonal skills to effectively manage business relationships with internal and external customers and business partners. (2 years)
• Strong written and verbal communication skills. (2 years)
• Experience in Audits and Audit Attestation Processes (2 years)
• Documentation / Procedure writing experience (2 years)
• Demonstrable experience with Metrics for performance and / or procedure review (2 years)

Nice to Have :