The Information Security Analyst III position will provide thought leadership, strategic guidance, design consultation, project planning and implementation readiness assistance for our IAM program, which is now heavily influenced by a role based access control (RBAC) platform.  This role will focus on understanding the current IAM landscape along with the ACA’s short, medium- and long-term requirements and help develop a roadmap for the department into the future. 

Activities will require interaction with PAM Software, Onboarding, Active Directory, Azure, IAM software, Department Managers, AWS, and Offboarding.   The position utilizes one-on-one consultancy to end users and ACA IT and HR staff. The position’s responsibilities require excellent written & verbal communication, team-oriented work ethics and problem-solving skills.

Essential Functions

• Privileged Access Management [PAM]
  • Assist with implementing a new Privileged Access Management (PAM) software and be a subject matter expert regarding the PAM software and capabilities to the organization.
• Identity & Access Management [IAM]
  • Oversee IAM development and implementation efforts on major projects. Identify and document minimum necessary permissions and entitlements for all ACA users by using roles based on job title.
  • Liaison with HR, Hiring Managers, and Infrastructure regarding Onboarding processes and procedures
  • Manage end user Accounts & Credential Lifecycles
  • Support enterprise rollout of IAM initiatives and services (SSO, LDAP, SAML, etc)
• Amazon Web Services [AWS] IAM
  • Liaison with Architect & Developers for any AWS IAM role creations/edits/audits
  • Technical Writing
  • Develop/update policies, processes, protocols, and standards for the design, implementation, maintenance, and support of various enterprise PAM security and identity tools.
  • Develop/update technical process & procedural documentation as needed
  • Develop/update any training documentation as needed
  • Collaborate on any Standard Operating Procedures, Runbooks, and Statements of Work as needed
• Resolve complex technical issues related to security and user access.
• Participate in user and access security, audit, and compliance investigations.
• Ensure all ACA systems, networks, and processes adhere to a layered security platform, follow NIST best practices, as well as Access security methodologies
• Partner with internal departments as Information Security Subject Matter Expert [SME] to ensure layered security and address any security concerns for new ACA products/services.
• Serve as a liaison to technical and business users to ensure requirements are understood and interpreted correctly.
• Identify and manage existing and emerging risks that stem from identity and access management functions.
• Augment and enhance user, role, and permissions audits.
• Participate in enterprise roadmap discussions and feature requests as they relate to identity and access management functions.
• Collaborate with peers to tune and enhance information security as it relates to identity, access, and privileged access management.

Qualifications

• Experience working with IAM and PAM technologies in an implementation or designer role.
• Solid understanding of RBAC, and its applicability in large, regulated environments.
• Advanced Knowledge of Identity & Access Management End User Accounts & Authorization, Authentication and Credential Lifecycle
• Advanced Knowledge of single-sign-on, federation, and multi-factor authentication tools and services.
• Knowledge of Active Directory and Azure Active Directory
• Knowledge of network and host-based security, applications and data security
• Knowledge of Atlassian JIRA ticketing system
• Ability to understand and translate technical terminology and/or aspects of projects/tasks.
• Excellent technical investigation and problem-solving skills.
• Ability to work alone and in a team setting.
• Good verbal and written communication skills with a strong customer service orientation.
• CompTIA Security+ certification is a plus
• AWS Cloud Practitioner certification is a plus

Supervisory Responsibility

This position has no supervisory responsibilities.

Work Environment and Physical Demands

This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

Position Type/Expected Hours of Work

This is a full-time position with a work schedule of Monday-Friday with some schedule variations as needed.

Travel

This position will require up to 10% travel.

EEO Statement

ACA provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.  ACA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

California Privacy Notice
"As an employer of California residents, we are dedicated to protecting your privacy rights. Any personal information you provide during the application process will be used solely for permitted internal purposes and will be handled in accordance with applicable privacy laws. By applying to this position, you consent to the collection, use, and disclosure of your personal information as described in our Employee Privacy Notice."

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

#LI-BP1