Cybersecurity and Compliance Analyst

Technologies we use

Your responsibilities

• Ensuring the PAR ASCD (Asset Selection Criteria Document) has been updated with technical requirements from control definitions and entitlements are tagged in SailPoint

• Performs heavy QA work to ensure all items in the ASCD are being reviewed via SailPoint or Manual Reviews

• Ensure checklist for staging and executing SailPoint Certification campaigns is followed

• Action the project plan for UARs, conduct tie-outs for completeness and accuracy validation, and prepare application packages for Internal Audit

• Provide support to stakeholders for successful execution of UAR reviews and confirm revokes have been actioned

• Analyze proposed changes to Workday data for impacts to roles and Job Transfer control

• Participate in PCI assessments and provide documentation to the assessors, represent IAM in the move to 4.0 regulations and resulting changes to policies and systems

• Collect voice-of-customer feedback for continuous process improvement

• Maintain metrics and benchmarking data.

• Monitors functionality of connectors and data aggregation

• Monitors provisioning tasks to ensure appropriate deprovisioning of entitlements, work with SailPoint engineering teams to review and remediate errors and issues

• Create, update, and maintain IAM policies standards and procedures to support security/regulatory needs

• Participate in compliance activities for SailPoint expansion into Azure

• Assist with gathering and documenting requirements from the business for adding and updating roles, obtaining approvals and updating Service Now tickets and workflows

• Performing role composition recertifications

• Maintaining documentation for audit testing

• Assist with the development of the process and governance for temporary local admin rights

• Collaborate with Service Now and Risk teams to ensure the process meets compliance and risk requirements while focusing on decreasing fulfillment times

• Maintaining documentation and providing end-user support

• Maintaining and updating policies and procedures related to IT compliance, including workflow management and documentation

• Identifying gaps and contributing the backlog of operational, strategic and/or tactical governance initiatives to reduce risk, increase usability and operational effectiveness

• Participating in design of Service Now forms and owning responsibility for future updates/changes

Our requirements

What we offer

The Cybersecurity IAM Compliance team is responsible for overseeing and ensuring Identity's compliance with regulatory requirements and internal policies related to company IT systems and data, and works closely with other IT teams and departments within the organization to maintain and improve our compliance program.

The Cybersecurity Compliance team reporting into the IAM Compliance Supervisor is a team of analysts responsible for executing successful certifications, SOX controls and PCI assessments. The compliance team will ensure campaigns evolve as the identity program expands to new markets and platforms within the company, additional applications onboarded and certification campaigns expanded, as well as document all workflows and processes, and maintain support and troubleshooting artifacts. The team will collaborate within IT and other departments to ensure systems are designed and implemented to meet compliance requirements.