Security Analysis Specialist Advisor
NTT America, Inc., Plano, TX, United States
Job Description and Key Responsibilities
Define Access Scope:
Identify which systems, applications, and sensitive entitlements (e.g., AWS, SAP, Salesforce) need to be reviewed, including dormant accounts and high-risk administrative access.
Review Execution:
Regularly collect user entitlements (who has access to what) and present them to managers or application owners for certification.
Identify Risky Access:
Flag over-privileged accounts, "orphan" accounts (leftover access from former employees), and separation-of-duty (SoD) conflicts.
Remediation and Action:
Coordinate with IT teams to revoke or adjust unnecessary or inappropriate access rights.
Audit and Reporting:
Document the entire review process, including approvals and removals, to provide a comprehensive audit trail for regulatory compliance.
Automation Optimization:
Utilize Identity Governance and Administration (IGA) platforms (e.g., SailPoint, Okta, SAP GRC) to streamline reviews, moving from manual spreadsheets to automated workflows.
Key Skills and Qualifications
Knowledge of IAM/IGA:
Strong understanding of Identity & Access Management concepts and governance tools.
Compliance Knowledge:
Familiarity with regulations such as SOX, HIPAA, SOC 2, or ISO 27001.
Analytical Skills:
Ability to analyze large datasets to identify access trends and outliers.
Communication:
Ability to work with managers and application owners to confirm access appropriateness.
#J-18808-Ljbffr
Define Access Scope:
Identify which systems, applications, and sensitive entitlements (e.g., AWS, SAP, Salesforce) need to be reviewed, including dormant accounts and high-risk administrative access.
Review Execution:
Regularly collect user entitlements (who has access to what) and present them to managers or application owners for certification.
Identify Risky Access:
Flag over-privileged accounts, "orphan" accounts (leftover access from former employees), and separation-of-duty (SoD) conflicts.
Remediation and Action:
Coordinate with IT teams to revoke or adjust unnecessary or inappropriate access rights.
Audit and Reporting:
Document the entire review process, including approvals and removals, to provide a comprehensive audit trail for regulatory compliance.
Automation Optimization:
Utilize Identity Governance and Administration (IGA) platforms (e.g., SailPoint, Okta, SAP GRC) to streamline reviews, moving from manual spreadsheets to automated workflows.
Key Skills and Qualifications
Knowledge of IAM/IGA:
Strong understanding of Identity & Access Management concepts and governance tools.
Compliance Knowledge:
Familiarity with regulations such as SOX, HIPAA, SOC 2, or ISO 27001.
Analytical Skills:
Ability to analyze large datasets to identify access trends and outliers.
Communication:
Ability to work with managers and application owners to confirm access appropriateness.
#J-18808-Ljbffr