Beschreibung
Data Access Management - Business Analyst - Germany, Data Access Management - Business Analyst - Germany
Unstructured Data Access Management - Business Analyst Role supporting Governor
(RSA IMG) Project Manager for Sharepoint and Exchange Shared Mailboxes
Role Outline:
The position will support the Project Manager of the Governor (RSA IMG) team that will address the recertification of Sharepoint and Exchange Shared Mailboxes. The candidate will be responsible for understanding multi-faceted requirements and developing a requirements framework that will be utilized by the Solutions Design team, Architecture and Engineering teams in building a solution.
Key Responsibilities:
Review and understand all outstanding audit issues regarding Sharepoint sites and Shared Mailboxes
Research all regulatory requirements regarding Sharepoint sites and Shared Mailboxes protection
Build inventory of regulatory requirements and required controls
Review and understand all DB Policies supporting Sharepoint and Shared Mailboxes
Support the development of policy changes/updates based on the requirements and controls
Assist in the research, analysis, and requirements gathering using industry studies and peer experience of Sharepoint and Shared Mailboxes protection
Understand and analyze region and country requirements regarding Sharepoint and Shared Mailboxes
Assist in confirming the scope of the project
Generate a project scope document
Create an inventory of existing controls
Build a threats and control Matrix based on the requirements
Build a security control maturity Matrix
Ensure alignment of requirements with existing security solutions and IT infrastructure
Act as interface to the Solutions Design team, architects and engineers
Explore vendor or in house products to address Sharepoint sites and Shared Mailboxes security gaps
Required Knowledge/Skills:
Extensive, in-depth and proven experience in project management and people management
Significant knowledge in Information Security and concepts, specifically Access Controls
Significant knowledge of Unstructured Data, Sharepoint and Exchange Shared Mailboxes
Excellent communication, negotiation, networking, and influencing skills
Proficient speaking and presentation skills
Experienced at prioritizing and looking at the big picture (key problem to be solved), without becoming caught up in details
Open minded and empathetic (with customers and users)
Ability to work in fast paced environments
Ability to prioritize and to move work forward, while juggling (daily) urgent requests
Passion about sharing knowledge and best practice
Proven managerial experience
Fluent in English (written/verbal)
Role Attributes
Managing Relationships:
Teamwork
Communication
Integrity, trust & fairness
Customer & service orientation
Global effectiveness & diversity creation
Negotiation & conflict resolution
Technical and Product Skills:
Technology knowledge & expertise
Business & product knowledge
o Risk management & control
Intellectual:
Analysis & problem solving
Architecture & design skills
Workflow/process re-engineering
Change Management:
Strategy development & implementation
Program & project management
Commercial Skills:
Entrepreneurial spirit
Sourcing & implementation of commercial solutions
Financial management
Adaptability:
Openness to innovation & change
Performance orientation
Required:
5+ years experience in the field of Information Security, Information Assurance, or IT Auditing, IT Policy Development, Regulatory knowledge impacting Technology
Bachelor's degree in Information Systems, or Computer Science preferred
Familiarity with ISO 27001, 27002, and 27005
Working knowledge of IT management frameworks such as Control Objectives for Information and Related Technology (COBIT) and Information Technology Infrastructure Library (ITIL)
Security auditing to include knowledge of financial industry regulations: Gramm-Leach
Bliley Act (GLBA), Payment Card Industry (PCI), and Federal Financial Institutions Examination Council (FFIEC), SOX
Ability to analyze, establish requirements, define risks, and design controls Matrix
In depth knowledge of Identity Access Management and Access Control
Working knowledge with security services such as encryption, authentication, and intrusion detection and prevention architectures
Project leadership and relationship building skills
Ability to work in a team environment
Excellent written and verbal communication skills
Preferred:
10+ years experience in the field of IT Security
Prefer at least one of the following certifications: Certified Information Systems Security
Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified
Information Systems Manager (CISM)