POSITION SUMMARY: The Access Control Technician is responsible for processing client security requests on a variety of systems, applications and databases, using a variety of software packages. The Access Control Technician has the responsibility of implementing and executing Information Security processes and procedures as they align with ISO 20000/ITIL Service Operation Processes and Functions and has integration points with ITIL Service Transition Processes.
RESPONSIBILITIES:
- Responsible for the Access Control administration and validation on CPIC systems including but not limited to: Active Directory, AS400, EPAS, CTS, ProFinancial, CSC, VPN, Spendmap, Database access, and Manage My Policy.
- Help update and maintain Access control authority matrix.
- Responsible for detecting any security violation within the access control domain.
- Monitor unauthorized media files and software use.
- Administer and maintain Quest password recovery manager and Quest Reporting tools.
- Assist the IS/IT Security team in the implementation of security policies.
- Process Security work order requests within an established service level agreement.
- Respond to Service Desk Tickets.
- Responsible for user account management; account creation, account deactivation, modification of account access authority matrix as required.
- Support external and internal audit efforts by providing accurate user account information.
- Perform data entry and the daily maintenance of security logs.
- Create and maintains accurate process documentation and validates and review security documentation
- Perform periodic account and system audits and maintain security NDA files.
- Participate in projects as assigned.
- Assist in the communication of Security policies, processes and procedures to users.
- Assist in the implementation and delivery of Security Awareness.
- Communicate and report issues, status, and results to IS/IT Security management.
- Monitor and log the use of Information security hardware, software, and books.
REQUIRED EDUCATION AND EXPERIENCE:
- AA/AS in Computer Science, Information Technology or equivalent field or equivalent combination of education, training and related IT experience in a business environment.
- 1 year experience in information technology or IS/IT security or Access Control experience in an application, database or related experience.
- 1 year of end-user/customer support of IT systems/networks/devices
REQUIRED KNOWLEDGE, SKILLS AND ABILITIES:
- Excellent communication and interpersonal skills and professional appearance.
- Strong knowledge in user account management.
- Proficient in application, systems, and network user administration, including system security, authentication, user id and password management and integrity
- Proficient in MS Office Suite (Word, Excel, Access, PowerPoint, Visio and Outlook), Microsoft Desktop and Server Operating Systems.
- Basic knowledge of Internet concepts and web hosted applications
- Basic knowledge of Security services involving networks, firewalls, web servers, DNS administration, LDAP and Relational Database systems.
- Basic understanding of information security theory and practices.
- Current certification in CompTIA’s Security +. If not current, must be obtained within 90 days of employment.
PREFERRED QUALIFICATIONS:
- Knowledge and understanding of ITIL
- 2 years experience in information technology or IS/IT security or Access Control experience in an application, database or related experience.
- Insurance Industry experience.
- Knowledge of regulatory issues such as SOX, COBIT, PCI, HIPAA
- Understanding of security standards and frameworks [such as ISO 17799]
To apply, please send a current copy of your resume to Stacey Nemeth at: Stacey.nemeth@brandtinfo.com.