The position is centric to business analyst role in information security which performs specific, but not limited, functions:
1. provide business analyst consultation to business partners; enable businesses to effectively manage risk within their risk appetite and meet business objectives. Facilitate communication and execution of enterprise-wide information security programs and deliver enterprise awareness training.
2. conduct risk assessments on business applications, third parties, and infrastructure and validate that security and technology controls are implemented to support business requirements.
3. create ba documentation that leads the development and/or implementation of significant or bank-wide technology controls / information security strategies, policies, programs, tools and provide expert advice and guidance on technical solutions.
4. participate in control and governance activities and identify and assess potential security risks, breaches/exposures impacting highly complex/high risk businesses or transformational (change the bank) strategic initiatives primarily interfacing with executive and/or functional stakeholders across the bank.
5. provide system support to all application owners and validate the integrity of data provided by owners.
6. review and conduct requirements gathering between identity and access management system integration team and quality assurance teams.
7. distribute and support the on-boarding of all regulatory (sox/glba) application deliverables.
8. business analyst experience with designing, implementing and assessing application security processes, controls, and technologies.
9. meet with app owners to gather app information and provide guidance to fulfill onboarding questionnaire.
10. work with dev team and qa team to coordinate testing in pre and prod.
11. manage the end to end onboarding process.
education:
* university degree or equivalent experience at minimum.
* 5-7 years business analyst experience iam.
* 5-7 years project management relevant experience.
competences:
* access and identity management experience in identityiq/sailpoint (preferred), oracle identity, centrify, gigya or okta.
* sox and glba audits experience.
* structured, organized and highly focused on documentation, reporting, collection of requirements.
our work touches 140 million lives every day. How? By always innovating, sharing our experiences, questioning how we do things and adapting to new challenges.
as we keep reinventing ourselves for the digital age, you’ll find that with us, even your smallest action will have a massive impact.
#j-18808-ljbffr