Security Access Control Specialist
Gravity IT Resources
To Apply for this Job Click Here
Job Title: Security Access Control Specialist
Location: Weston, Florida (Hybrid)
Shift: 8:30am – 5:30pm EST (1 hr lunch)
Hours: 40 Hours a week, No OT/weekend work expectations
Duration: 1 year contract, medium possibility of extension and low possibility of conversion (depends on business conditions and contractor performance)
Employment Eligibility: Gravity cannot transfer nor sponsor a work visa for this position. Applicants must be eligible to work in the U.S. for any employer directly (we are not open to contract or “corp to corp” agreements).
Primary Responsibilities:
- Maintain all ISO, SOC1, SOC2 controls under the IAM team
- Conduct assessments by understanding business objectives, structure, policies and procedures, for each SOC controls.
- Conduct periodic access reviews on a weekly, monthly, quarterly, biannually, and annually as required by audit control and/or defined process
- Evaluate the adequacy and effectiveness of internal controls and compliance with regulations by understanding business objectives, structure, policies and procedures, and communicate results to management for SOC1, SOC2 and ISO.
- Serve as a liaison between the IAM and ER teams
- Serve as a liaison to internal and external auditors
- Have a full understanding of all SOC Controls and ISO processes governing IAM
- Work with development teams on process improvements initiatives for IAM related tools and/or processes
- Work on assigned projects with minimal to no supervision
- Work in a ticket-based queue with no supervision
- Draft documentation on systems, standards, procedures, and/or audit questionnaires related to audit tests, findings, controls, ISO policies, and internal training.
- Attend internal and external audit calls
- Conduct knowledge transfer and/or training of all controls IAM adheres to as required
- Conduct ad hoc audit reporting requests from customers
- Provide support to IAM, ER and development for SaaS, cloud and on-site Compliance
- Identify and recommend business process changes resulting in strengthening the internal controls
Required Qualifications:
- Ability to navigate in Windows-based operating systems
- Basic PC and server hardware knowledge and familiarity.
- Two years’ experience in Information Technology (IT) or Compliance.
- Detail-oriented.
- Energetic and motivated.
- Strong analytical skills
- Ability to work independently with minimal supervision.
- Ability to multitask and work in a fast paced, dynamic, client driven environment.
- Ability to work through conflicting priorities and tight deadlines.
- Highly motivated and team oriented.
- Excellent customer service skills.
- Effective verbal and written communications, including active listening and presentation skills
- Understanding of IAM concepts and best practices.
Experience, Education, Certification, License and Training:
- Experience in conducting IT controls assessments based on ISO 27001/27002, 27017 and 27018, SOC 1 and SOC 2 Type 2.
- Minimum 3 years of experience in IAM or an IT risk management position.
- Experience handling and maintaining confidential information.
Preferred Qualifications:
- 5+ years of experience in IAM or an IT risk management position.
- Bachelor’s degree in IT, Management Information Systems, or Computer Science.
- Compliance Certifications, such as CGEIT, CRISC, GRCP
- Technical aptitude with the ability to quickly grasp and understand system functionality and architecture.
- Experience with Microsoft Active Directory, Microsoft SQL, Citrix and PowerShell.
- Experience with IAM Google Cloud Platform and G Suite.