SECURITY ANALYST (SAILPOINT) in Raleigh, NC at Vaco

Date Posted: 9/9/2020

Job Snapshot

Job Description

We are looking for a Cyber Security Analyst with SailPoint (ideally) and Active Directory. We are looking for someone with a strong functional side and may be starting out doing BA type work at first to make sure all of the technical work that is coming is the right type of work. They don't want to just start making a lot of technical changes without first make sure they're the right changes to make. This person will be engaging with stakeholders to determine requirements for these systems for a while at first, then doing the hands-on work in some cases and passing it to other more technical resources when it makes sense.

Requirements:
* solid technical understanding of Active Directory - create groups and roles, as well as access groups to determine if they are properly updated to application standards, which may require remediation.
* Identity and Access Management
* Strong Active Directory
* Interfacing and coordinating with application teams
* Demonstrated the ability to communicate around timeline and environmental risk
* Identity Solution Experience- ideally SailPoint


Security Analyst Tasks & Problems to Solve

When new applications come into the company, they'll help align with standard integrated options
- Understanding how this application interacts with Active Directory, RACF, Okta, and database layer
- General understanding of IAM (Identity and Access Management)
- They'll help build roles / birthrights as they bring in more applications

There are about 500 applications (checkbox apps) that they're aware of, but they're not well-integrated
- Need to figure out how to integrate them
- Need to figure out how to incorporate Active Directory, RACF, etc. with these applications
- Some are web portals, and they need to figure out ramifications of this as well

Application Remediation
- Go through entitlements not current being reviewed
- If and when needed, split out entitlements by application for cleaner and neater IAM
- File-sharing remediation efforts
- Remediate descriptions (for fully-reviewed, fully-integrated applications, they'll be fixing standardized descriptions)

Nested Groups
- Remove nested groups (research, migrate off of, then retire nested groups)

Audit Prep
- Protect the Business with standardization

Analysis and Reporting
- Pulling data from Sailpoint
- Reviewing data to determine prioritization of actions above
- Coordination with the Business
- Come up with a burn chart

General Skills
- Operational:
o Answering e-mails
o Understanding IAM and requesting access
o Customer service skills
o Written and verbal communication
o IAM data analysis

Context of the team
o Need to understand Active Directory, accounts, access, etc.
o Need to compare Sailpoint Identity IQ and Active Directory
o Access: Strong Active Directory experience (not administrator or engineer, but they've used it)
o Identity: they'll use Sailpoint and need to understand how multi-group access works
o They'll troubleshoot access issues, understand the workflows, logs, etc.