Description
Security administration is a hands-on role that requires a high level of technical expertise. The person in this position is responsible for a broad range of tasks, including the day-to-day administration of information security tools and devices; support and analysis for security incident response actions; and architectural design of a wide variety of IT security systems across the enterprise – including network, operating system, and/or application based systems.
Additionally, as legal and regulatory compliance drivers continue to grow in impact and importance, many of the security administrator’s tasks may also be part of an audit support function.
The individual in this position interacts closely with security product vendors and service providers, with personnel from various IT departments — including the application development, networks and server team — and with business departments.
Roles and Responsibilities
- Perform system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines.
- Assist and develop with the implementation of integrated identity and access control solutions within the environment to support Identify & Access Management (IAM) functions – i.e. Windows domain architecture and Active Directory configuration; Unix and other operating system integration with main directory repositories.
- Liaison with external Bank customers for creation of new accounts and resetting passwords.
- Carry out daily, monthly and annual reports and inspections. Review these reports and ensure any exceptions are followed-up on.
- Monitor internal control systems to ensure that appropriate information access levels and security clearances are maintained.
- Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
- Apply patches where appropriate and, at the direction of the VP Security Operations, remove or otherwise mitigate known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards.
- Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
- Develop and maintain documentation for security systems and procedures.
- Research, recommend, evaluate and implement information security solutions that identify and/or protect against potential threats, and respond to security violations.
- To undertake any other reasonable duties as requested from time to time by the Security Administration Team Leader and Chief Information Security Officer.
Experience
- Good general PC skills.
- Knowledge or awareness of Identity Access Management System (IAMS) and/or User Provisioning System is an advantage.
Experience/Knowledge of the following:
- Microsoft Active Directory Infrastructure
- Single SignOn (SSO) profiling and the use of SSO user authentication software.
- Hardware token two factor authentication and biometric authentication.
- Lotus Notes email client.
- Microsoft Office Suite.
Skills
- Strong analytical and problem-solving skills to enable effective security incident and problem resolution.
- Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously.
- Ability to work well under minimal supervision.
- Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel.
- Strong written and verbal communication skills.
- Strong customer/client focus and provide a superior customer/client experience.
- Build long-term relationships with team members and the wider IT function.
- Experience in developing, documenting and maintaining security procedures.
Salary:
Top market rates paid