|Date Posted||April 8, 2021|
Trades & Services
The IAM Analyst is a collaborative, analytical, detail-oriented technology professional with responsibility to proactively work to monitor, enforce, advise and analyze the technology and data ecosphere both internally and externally to the organization. The Security Analyst will also act to coordinate and quantify security issues/threats discovered and track remediation/mitigation efforts to resolution as appropriate. This role is in the Identity and Access Management space.
Find a career. Gain a family.
Safelite will be unlike any place you've ever worked. (This won't be just the daily grind!) You'll join caring and passionate teams that collaborate to make a difference, deliver extraordinary results and bring unexpected happiness. Every day. Your effort, heart and creative ideas will be valued and rewarded. And we care about your well-being. So, we'll strive to give you what you need to be happy at work and at home.
- Responsible for the execution and implementation of the organization's information security strategy/program's daily operations, goals and objectives by developing and monitoring security standards and best practices for the organization. Recommend security enhancements as needed and build solutions to meet those needs as appropriate.
- Consult in areas relating to information security and privacy regulations/compliance standards (e.g. PCI-DSS, Consumer Protection Acts, GDPR, etc...) as it relates to enterprise operations. Review, edit and advise on client, supplier, vendor and/or partner contracts as it relates to information security and privacy issues.
- Provide operational governance for technology and business leadership to help ensure a continued alignment between the information security and privacy program, business architecture, technology architecture and the associated product, project, and program portfolios.
- Advises business stakeholders, partners and IT leadership in the identification, analysis and/or implementations of technologies, scope, requirements, benefits and risks of proposed initiatives/solutions as it relates specifically to information security and privacy goals/objectives.
- Proactively works with partners and suppliers to achieve objectives on time and within budget. Directs and/or takes appropriate action when necessary with partners/suppliers to build enterprise class solutions, respond to issues/threats, and/or communicate to stakeholders all utilizing efficient and effective tools and techniques.
- Help with user life cycle management through automated or manual processes.
- 3-5 years of relevant experience is required.
- Associates degree or higher in Computer Science, Information Systems, Computer Engineering, Information Security or a related field is required.
- Cyber Security Certifications (e.g. CISSP, GIAC certifications, etc.) are preferred.
- Direct and recent working experience with the following compliance programs: ISO 27001, PCI-DSS, SSAE18 SOC1 Type 2/SOC2 Type 2 is preferred.
- Demonstrated experience with NIST CSF, CoBit and/or COSO frameworks is preferred.
- Knowledge of these tools preferred: AD/Powershell, Okta.
- Knowledge of these concepts required: SSO/Federated Identity Management, PAM, Certificates.