CapB InfoteK
Security Analyst - 6.2 Madison, WI
CapB InfoteK, Madison, Wisconsin, us, 53774
IDENTITY AND ACCESS MANAGEMENT COORDINATOR Under the general review of the IT Solution Center (ITSC) Supervisor, this position is responsible for supporting and maintaining for ETF’s user access security to systems and applications. This position will guide and support the user access security environment consisting of Active Directory, 3rd party Active Directory tools, Mainframe Resource Access Control Facility (RACF), STAR/STARFIN systems, legacy application access, and technical Directory and Authentication Services of employees, members, and vendors with the capability to support cloud and on-premise application services. The position will also be responsible for Identity Governance Administration (IGA) to maintain a secure and healthy user access environment for ETF. This position will provide vendor oversight and brokerage of system and service access and will partner with DOA/DET to support all enterprise IAM services provided to ETF. This position will also be responsible for gathering and interpreting IAM metrics and data that will allow the agency to have a broad understanding of the performance of this service. The Security Analyst/Administrator position duties will include user provisioning, on-boarding and off-boarding processes, identity lifecycle and access management, user access changes, preparing documentation and reviews for audits, acts as the point of contact for audit issues, and consults with business units when implementing access level changes or implementation of new systems. The position will ensure the quality and accuracy of user system access, will recommend best practice service improvements, and will drive the enhancement process for the IAM program to meet ETF’s business unit and strategic needs. The following functions are the main priorities for the position:
• Coordinate the IAM service functions for ETF through daily administration and support, process and procedure maintenance, technical documentation, policy support, and subject matter expert guidance of the appropriate technology tools to support our systems and increase ETF’s IAM automation.
• Administer, manage, and support Mainframe and Directory Service environments.
• Develop and implement technical policies, standards and procedures for ETF’s user authenticated environments and Mainframe systems.
• Interact with agency Business Managers and IT Technical staff to ensure proper security practices are being established and followed.
• Resolve and manage user access problems and questions reported to the ETF Service Management ticketing System.
• Provide technical expertise, consulting and problem resolution support and diagnosis for all ETF Directory Service and Mainframe environments.
• Provide advanced technical operations support and backup assistance to the ITSC section’s units regarding user access security functions and integration into ETF’s technical environment.
• Conduct routine and regular ongoing reviews of security audit and control procedures.
• Participate as needed on ETF enterprise projects and special projects assigned by the ITSC Supervisor.
KNOWLEDGE, SKILLS AND ABILITIES:
• Advanced knowledge of concepts of authentication, authorization, active directory policies, directory resource administrator, and web filtering solutions.
• Extensive knowledge and skill to provide security administration in an IBM mainframe environment.
• Advanced knowledge in mainframe automation programing languages such as Computer Assisted Related Language Adaptation (CARLA) and Resource Access Control Facility (RACF).
• Demonstrated understanding of modern Identity & Access Management concepts and best practices required.
• Experience in access role development and maintenance and defining application level roles/groups and permissions to ensure secure authentication and authorization mechanisms are aligned with policies, standards, and as appropriate, best practices.
• Understanding of audit and compliance requirements.
• Extensive experience with user administration, Active Directory and the user administration functions of a wide variety of multi-user services applications.
• Experience with Identity and Access Management domains including Identity Management, Access Management, Directory Management, Single Sign-On, Federation, and Role Based Access systems.
• Skill in principles and practices of effective written communication including policies and procedures, reports, proposals, and recommendations.
• Skill in principles and practices of effective customer relations and oral communication, including meeting facilitation and consulting with application developers and customers.
• Knowledge of computer security concepts and principles (e.g. security architectures and models, security management practices, access control, application security and network security, etc.) and ability to apply them.
• Knowledge and skill to provide computer security administration in an enterprise multi-domain environment.
• Ability to work in a team-oriented environment.
• Effective time management skills.
• Strong written and verbal communication skills required.
• Knowledge and skill in technical problem resolution.
• Able to multi-task, to be self-initiated, and work independently.
• Coordinate the IAM service functions for ETF through daily administration and support, process and procedure maintenance, technical documentation, policy support, and subject matter expert guidance of the appropriate technology tools to support our systems and increase ETF’s IAM automation.
• Administer, manage, and support Mainframe and Directory Service environments.
• Develop and implement technical policies, standards and procedures for ETF’s user authenticated environments and Mainframe systems.
• Interact with agency Business Managers and IT Technical staff to ensure proper security practices are being established and followed.
• Resolve and manage user access problems and questions reported to the ETF Service Management ticketing System.
• Provide technical expertise, consulting and problem resolution support and diagnosis for all ETF Directory Service and Mainframe environments.
• Provide advanced technical operations support and backup assistance to the ITSC section’s units regarding user access security functions and integration into ETF’s technical environment.
• Conduct routine and regular ongoing reviews of security audit and control procedures.
• Participate as needed on ETF enterprise projects and special projects assigned by the ITSC Supervisor.
KNOWLEDGE, SKILLS AND ABILITIES:
• Advanced knowledge of concepts of authentication, authorization, active directory policies, directory resource administrator, and web filtering solutions.
• Extensive knowledge and skill to provide security administration in an IBM mainframe environment.
• Advanced knowledge in mainframe automation programing languages such as Computer Assisted Related Language Adaptation (CARLA) and Resource Access Control Facility (RACF).
• Demonstrated understanding of modern Identity & Access Management concepts and best practices required.
• Experience in access role development and maintenance and defining application level roles/groups and permissions to ensure secure authentication and authorization mechanisms are aligned with policies, standards, and as appropriate, best practices.
• Understanding of audit and compliance requirements.
• Extensive experience with user administration, Active Directory and the user administration functions of a wide variety of multi-user services applications.
• Experience with Identity and Access Management domains including Identity Management, Access Management, Directory Management, Single Sign-On, Federation, and Role Based Access systems.
• Skill in principles and practices of effective written communication including policies and procedures, reports, proposals, and recommendations.
• Skill in principles and practices of effective customer relations and oral communication, including meeting facilitation and consulting with application developers and customers.
• Knowledge of computer security concepts and principles (e.g. security architectures and models, security management practices, access control, application security and network security, etc.) and ability to apply them.
• Knowledge and skill to provide computer security administration in an enterprise multi-domain environment.
• Ability to work in a team-oriented environment.
• Effective time management skills.
• Strong written and verbal communication skills required.
• Knowledge and skill in technical problem resolution.
• Able to multi-task, to be self-initiated, and work independently.