Qualifications:
Position Objective: • Perform monitoring activities for privileged access and service accounts • Assist in sensitive data discovery project (securing folders) • Create/collect/compile metrics for IT Security Council • Perform testing on non-production environments to ensure data is masked/de-identified • Determine automation and improvement opportunities to current processesMajor Opportunities and Decisions: (Describe the more difficult and/or complex challenges or opportunities and decisions faced in doing work, improving processes or meeting customer needs. Where must position focus to be successful?) – Detail and accuracy in all manual processes and reporting – Project Management skills, for timely completion of tasks. – Organizational skills to manage the artifacts that feed into the workflow. – Customer service skills, to schedule and follow-up data owner’s participation. – General technical understanding of the interrelationships and security requirements of the various components under review. Principal Accountabilities: (List 6-8 major areas of responsibilities in order of importance, and purpose of these activities. In addition, identify percent of time normally spent and whether the activity is an essential or minor function.) Based on the focus areas highlighted above, the following matrix expands upon these activities. Please note that the % of time varies to where the Project is within its relative Project Life Cycle. Accountability Activity Daily QA review of privileged access usage – Run reports in Splunk daily for Privileged Access activity – Search Guardian Service Center (ticketing system) for related tickets – Compile any violations to send to onshore resource for violation notifications Daily monitoring of service account usage – Use daily Splunk reports for Interactive Service ID usage activity – Windows, Unix, and Database – Search Guardian Service Center (ticketing system) for related tickets – Compile any violations to send to onshore resource for violation notifications Business Analysis for unstructured data – Review reports from Varonis Sensitive Data Discovery tool to determine location of targeted sensitive data types, and security groups applied to those locations. – Use existing reports to assign ownership to those directory locations. – Follow up with data owner to determine whether data can be removed or moved to secure location Collect and Create Risk and Controls metrics for IT Security Council – Collect data/Run reporting in GSC, Splunk, StealthAudit, etc. – Create metrics tables and graphs. – Compile metrics into PowerPoint to send to onshore resource for validation and stakeholder notifications/follow ups Test Data Masking Validation (Compare non-prod to prod to ensure that non-prod environments are probably masked) – Filtering of MAL data extracts on Privacy Data – Engaging subject matter experts to complete current state posture of test data masking templates – Ability to analyze and identify risks where data not de-identified – Compile any identified risks to send to onshore resources for creating risk entries within Archer – Ability to validate risk remediation with SME’s through data compares – Track and monitor open applications reviews, communicate non-compliance and ensure remediation plans in place and monitored Process Improvement/Automation – Identify opportunities for automation of current activities – Develop scripts/code to enhance workflows Education and Experience: (Identify types and length of education and experience needed to acquire the necessary skills and knowledge to accomplish the desired end results.) Education: Education: – BS / BA in Computer Science or related field or equivalent experience is desired. Experience: – Minimum 3-5 years of experience in IT – Able to be available during US business hours for owner communications – Strong Communication skills and command of English language. – Strong MS Excel skills in formulas and graph creation/manipulation – Strong Business Analyst Skills – Familiar with Windows (Active Directory) and user access/permissions. – Familiar with Windows User Administration using Active Directory Users and Computers (ADUC) tool. – Familiar with Windows Fileshares – Ability to analyze and update data from reports. – Understanding of basic project management – Familiar with test data masking standards and guidelines preferred – Familiar with Master Application List preferred – Knowledge of US HIPPA, PII, and SSNs for sensitive data discovery preferred – Basic knowledge of Security: configuration, malware, phishing, etc is a plus – Experience in writing scripts and/or programming a plus
Location:
This position can be based in any of the following locations:
Gurgaon
18-07-2022 Manage the ServiceNow ticket queues for the Network team, driving requests from creation to completion Follow established processes, suggest...
Apply For This JobZOS_System_Admin: Minimum 8+ Years of Work experience in Mainframe Z/OS Admin Install, update, and administer Mainframe zOS operating system. Perform...
Apply For This JobWe are looking for a Business Analysis Specialist to work as part of our Business Analyst Team. This person will...
Apply For This JobWork Styles at Zoom In most cases, you will have the opportunity to choose your preferred working location from the...
Apply For This JobDear Candidate, Location: – PAN India /All India Experience: – 6-10 Yrs Notice Period: Immediate to 60 Days Job Description:...
Apply For This JobOur heritage is proudly Australian, but we’re creating a global footprint. With a workforce of employees across more than 20...
Apply For This Job