Our client is hiring a Client Security Analyst who is responsible for day-to-day security administration tasks on all infrastructure platforms that are centrally supported by the corporate IT organization.
Primary platforms include, but are not limited to: SAP, Mainframe access, Microsoft Windows Server/Active Directory, Office365 security, Microsoft Exchange, IBM AIX, IBMLDAP TDS, and various database security administration. This role is primarily focused on mainframe and SAP identity, with some limited support of windows Active Directory, Azure AD, and IBM LDAP.
Within this role you will be responsible for the identification and implementation of optimizations that drive continuous improvement and productivity around security administration across the administration team.
This role is also responsible for maintaining the security administration documentation repository and is the primary liaison for Internal Audit and other security compliance demands of the corporation.
The successful candidate for this role requires a broad technical background of a wide breath of identity and access management, SAP security principles, strong hands-on experience, strong interpersonal skills, and problem-solving abilities.
This individual must be familiar with security best practices as it relates to both the implementation and ongoing operations of an enterprise landscape.
Areas of responsibilities include but not limited to:
• Responsible for day-to-day identity and access management tasks throughout production support and all project lifecycles.
• This position will be responsible for executing day-to-day tasks to include creating, deleting, disabling, enabling, unlocking and modifying user accounts, permissions and access rights in multiple technical platforms, including, but not limited to: Mainframe Security, MS Active Directory, IBM TAM/TDS LDAP,UNIX, , MS Exchange, and client specific applications.
• Assist and participate in the design, creation and maintenance of SAP and other open-system user accounts, passwords, security profiles and roles.
• Assist and participate in developing policies and procedures to govern theIdentity Lifecycle.
• Monitors for potential security policy violations and report to IT managementwith recommended corrective actions.
• Work with Internal Audit & Compliance teams to facilitate strong controlsaround user access and usage of the system as appropriate and to ensure the SAPapplications and other open systems are secured as per organizational companysecurity policies and procedures.
• Perform security design and engineering for new solutions and theimplementation of those solutions
• Provide ongoing support for both planned and unplanned activities to minimizedisruption to the business
• Performs other duties as assigned.
Required Length & Type of Experience:
• Minimum 3 years in a large, enterprise client-server environment
• Mainframe security administration experience is required.
• Hands-on experience in administering UNIX and Windows security is required.
• A background and understanding of managing a Microsoft Active Directory LDAP and IBM TDS LDAP is highly desirable.
• A strong understanding of windows Share permissions, NTFS permissions and Active Directory group memberships is highly desirable
• Experience and understanding of Office 365 security administration is highly desirable.
Knowledge, Skills & Abilities:
•Demonstrate excellent analytical abilities and critical thinking
• Experiencewith z/OS Mainframe access provisioning using Top Secret/TSO/Roscoe/IDMS/CICS
• Experience in SAP authorization concepts, roles/activity groups, useradministration and role based access control is a plus.
• Basic knowledge of Windows Active Directory and Windows server securityadministration
• Intermediate knowledge of AIX UNIX security administration
• Basic knowledge of IBM TAM/TDS LDAP security administration
• Basic knowledge of Delinea (Thycotic) Secret Server or other PrivilegedAccess Management tool
• Experience with AzureAD, including AzureAD connect, Conditional Access, andIdentity Protection
• Basic knowledge of email administration with Microsoft Exchange
• Knowledge of SAP NetWeaver Identity management is a big plus
• Excellent troubleshooting, root cause analysis and test planning skills
• Exposure to information security disciplines in a large, enterprise client-server environment is a big plus
Bachelor’s degree in management information systems, computer science, and/or business, or equivalent work experience.