Job Description
Bell is currently seeking a candidate for the position of Analyst Junior – Access Governance, reporting to the Senior Manager – Access governance, part of the Information Security group within Corporate Security. This position is responsible for the governance of identity and access management services.
Job duties/accountabilities:
- Security advisor Junior in Identity and Access management across the enterprise
- Participate in roadmap development and implementation strategies for managing identities and access across the enterprise
- Collect, identify business requirements for any business units that consume identity data and ensure the optimization of roles and accesses
- Ensure business rules are followed for identity management
- Be a SME for Privileged Access Management, Identity and access management, Remote access and two-factor authentication, certificate authority services, Federation Services and Mainframe access services for the enterprise
- Provides oversight on the lifecycle processes for identity management supporting the on/off/cross-boarding processes as well as access certification process in support of regulatory and business requirements
- Work with the business primes for definition of new technology requirements and participate in evaluation and implementation projects across all Identity and Access Management services
- Define and develop Key performance indicators and Key risks indicators
- Participate in planning and coordination of activities in project deliveries utilizing the Identity and access management services
- Assist in mitigating potential information security incidents and vulnerabilities associated with the Identity and Access Management service.
- Participate with the business in implementing solutions to mitigate identity risks and enhance system security
- Analyzes and resolves data, application, computer, network and internet security problems and breaches.
- In line with its area of expertise, the incumbent may participate and represent the team in audit reviews, committees and other relevant meetings.
Essential skills/competencies:
- University Diploma in Computer Sciences or equivalent or equivalent experience.
- Five (5) years of pertinent experience in computer security and networking technology preferably in a telecom environment
- Broad knowledge in Identity and access management lifecycle processes and tools
- Excellent knowledge of Visio, Word, Excel, PowerPoint
- Excellent knowledge for Identity and access management requirements pertaining to Cloud systems including identity federation.
- Excellent Knowledge of Active Directory, LDAP, SAP, SailPoint, Thycotic and various Authentication Mechanisms
- Good knowledge of Database Management Systems, Systems management, systems infrastructure, security standards
- Good knowledge of Remote access tools (VPN, VPN-SSL), Two-factor authentication technologies (SecurID) Digital Certificates, and Mainframe access solutions (ACF2, Top-Secret or RACF)
- Excellent communication and team working skills and able to conduct presentations
- Use and understanding of industry practice and standards (ITIL, ISO 17799, PCI-DSS, Sarbanes-Oxley…)
- Is structured, organized and has a good capacity for analysis and synthesis when confronted with challenges
- Bilingualism is an asset (French and English)
Preferred skills/competencies:
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Global information Assurance Certification(GIAC), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA) or other similar credentials.
- Experience in the fields of business continuity planning, auditing and risk management.
- Knowledge of the Information Security Forum, Standard of Good Practice
- Finally, the candidate must successfully go through extensive background verifications including but not limited to criminal record and reputational checks.
- NOTE: All Security personnel are required to sign a letter of non-disclosure, which prevents them from divulging sensitive information that they may be exposed to during their assignment. This policy is strictly enforced.