EY IAMS Security Compliance and Process Coordinator in Trivandrum, India
IAMS Security Compliance and Process Coordinator
Core Business Services
Requisition # TVM0001B
Post Date Oct 30, 2018
The IAMS Security Compliance Coordinator is a multifunctional role with a primary focus on providing compliance aligned support for Identity and Access Management Services (IAMS) within the Service Management team of the Information Security (IS) domain.
The primary role leverages the output from the Global Vulnerability Management (GVM) processes which provides a global scan of the IAMS Infrastructure and data aligned technologies to identify vulnerabilities in the protection of its intellectual properties and other data based elements.
The role may work in partnership with others in Information Technology (IT) on security vulnerability activities to remediate software or hardware that may need removal, blocking or exception to maintain the IAMS permit to operate mandate of its infrastructure services. T
he role provides for knowledge sharing activities to ensure the successful remediation of all GVM findings for the IAMS business.
Secondary aspects for this role will provide support for the IAMS business in support of additional DevSecOps and Agile activities including but not limited to Change Management, Disaster Recovery, OpsDB maintenance, CMDB development and support, and process improvement documentation and education.
The role is an agile role, generally an individual contributor and is managed by the Service Management Lead in IAMS.
Provides the operational day-to-day vulnerability oversight and other risk management activities to Identity and Access Management Service (IAMS)
Engages the appropriate team contacts in order to track of security deficiencies through the documentation of finding responses / exceptions and communicating the status of follow through of the remediation closure to increase the security maturity of the security program and reduce overall risk
Reports on metrics to gauge effectiveness of vulnerability remediation and publishes periodic metrics reports
Analyses the data contained within the compliance system and other security information repositories to identify security trends, root causes and notable risks.
Advises managers and other leaders concerning the overall status of the function’s GVM and compliance findings and associated remediation plans and exceptions
Drives the remediation of vulnerability and related connectivity issues to restore appropriate functions in accordance with operational readiness directives and agreed OLAs.
Act as CMDB Champion in support of developing and maintaining an IAMS CMDB effort, Manage activities in support of data accuracy and reconciliation
Conduct inventory duties within IAMS maintaining records and databases containing information regarding licenses, warranties, and service agreements for the organization's hardware and software. Support additional asset management functions as needed. Engage in OpsDB data accuracy efforts and reconciliation
Assist with activities to assist Business Leads control, track and audit Changes in the IMAS environment
Maintaining or updating designated business intelligence tools, databases, dashboards, systems, business processes or methods that enable sustainable and measureable improvements as needed
Assist with planning, budgeting, forecasting, performance measuring, and reporting services as needed
Knowledge, Skill and Experience Requirements
Maintains strong interpersonal skills to engage with peers and others in the firm in cross business discussions within a matrixed, geographically dispersed organization and to build a solid network of peers and others of influence. Adapts personal communication style to the style of others, develops rapport and stays calm under pressure or escalating issues using strong oral and written English communication skills.
Projects strong consultative skill to conduct effective questioning, hone in on key directives to formulate ideas and materials as well as present those ideas clearly and concisely to all levels of management within Implementation & Configuration Services and Identity & Access Management Services (IAMS) and others within the broader EY organization.
Maintains knowledge of services and applications with the assigned IAM processes and operating environment to recognize improvement opportunities and next generation solutions achievable through engineering.
Maintains a strong analytical and problem solving ability to identify and escalate complex and conflicting IAMS or Global IT engineering issues, adapt to multiple and shifting implementation priorities across a broad spectrum of operating environments and provide solutions that are both financially sound and operationally feasible.
Possesses a working knowledge of Information Technology Infrastructure Library (ITIL) to recognize appropriate reporting features and functions in various IT Service processes. Looks to progress levels of certification as required or to suggest alternatives to standards as appropriate.
Possesses a working knowledge of Project Management Institute’s (PMI) Project Management Body of Knowledge (PMBOK) project management framework that provides project managers with the fundamental practices needed to achieve organizational results and excellence in the practice of project management.
Possesses a knowledge of collaboration tools designed for sharing knowledge and information such as Service Management Knowledge System, SharePoint and Yammer.
Develops an on-going knowledge of EY’s business and the way IAMS team adds to the effectiveness of the IAM processes. Identifies and provides appropriate services and solutions as part of both knowledge sharing and engineering services positioning.
Maintains implementation and configuration projects by operating within best practices or delegating work effectively utilizing the proper people, time and project management disciplines across a diverse culture and multiple time zones.
- Bachelor's degree in a technical discipline such as Engineering or Computer Science or equivalent work experience in Information Security or vulnerability management
Approximately 5-7 years of Information Security experience preferably in an operations environment
Strong knowledge of IAM concepts, best practices, and IAM procedures
Experience and understanding of databases and data elements
Experience working in a global virtual environment
Should hold one or more of the following certifications or have an equivalency in same:
Certified Information System Auditor CISA
Certified Information Systems Security Professional (CISSP)
Global Information Assurance Certification (GIAC) in related area
Information Technology Infrastructure Library (ITIL v2 or v3 Foundations training)