Lead Analyst, Cyber Security

WestRock is a leader in sustainable packaging, dedicated to creating efficient and scalable solutions. They are seeking a Lead Analyst in Cyber Security to design, implement, and support Identity Governance & Administration solutions, collaborating with cross-functional teams to enhance IAM security practices.

Responsibilities:

• Provides technical support across IAM applications to define, implement and enhance current and new IAM software, hardware requirements, delivering and supporting IGA applications, solutions, and processes
• Provide support with respect to implementation, and concurrent delivery of two or more Identity platforms (i.e., IGA and PAM) such as SailPoint, Saviynt, BeyondTrust, Okta, Ping Federate, Microsoft Azure AD
• Assist with configuring, implementing, maintenance, and documentation of all layers of IAM applications and robust identity and access solutions including tools to support account creation, onboarding, offboarding, user provisioning, deprovisioning, authorization, authentication, single-sign, federated identities, multi-factor authentication, and privileged access management activities
• Assist to modernize access control protocols, design from scratch, implement, and maintain role-based access controls (RBAC) and birthright provisioning/de-provisioning mechanisms to execute and maintain a strategy of “least privilege”
• Conducts proper root cause analysis and make recommendations to improve IAM processes or prevent future occurrence of end user access issues
• Assist in the analysis of user and permission data, and the development and documentation of test cases for applications on boarding, user access and other identified entitlements repositories that have been re-permissioned

Requirements:

• Bachelor's degree or a similar level of training in IT and information security
• 8-10 years of IT experience focused on Identity Governance Administration (IGA) and other security practices
• 8-10 years working knowledge of two or more IGA solutions (SailPoint, Saviynt, One Identity), etc
• 8+ years hands-on knowledge and experience with designing, configuring, implementing, and supporting IAM solutions such as SailPoint, Saviynt, BeyondTrust, Thycotic, CyberArk, Okta or Ping Federate or any IDAM tools
• Minimum 8 years hands-on experience with Identity Life-cycle Management processes and Identity Governance related to onboarding and offboarding, good understanding of Active Directory, Single Sign On (SSO) and modern authentication and authorization standards and protocols (i.e., SAML, OpenID Connect, OAuth)
• Solid understanding of IGA concepts and frameworks to resolve IAM complex issues in effective/creative ways
• Hands-on technical ability to support (SailPoint Identity Security Cloud – ISC / IdentityNow)
• Minimum 8 years' experience and know how in any combination of Cloud (AWS IAM), Network, Cyber
• Some understanding of Domains, Trusts, AD replication (configuration and troubleshooting), and Group Policy Object (GPO) management and experience in completing Identity migrations post-merger/acquisition
• Experience with JavaScript, Python, Ruby, PowerShell, or other scripting languages
• Strong experience with Java, BeanShell, XML, and SQL
• Minimum 4 years working with Amazon Web Services (AWS) including EC2 and Lambda
• Must have strong communications skills with the ability to interface with both executives and technical staff
• Experience running risk management programs and IT architecture planning and implementation
• Travel up to 30%, although this may be higher when ramping up
• Professional proficiency with the MS suite of products (Word, Excel, PPT, Visio, Project)
• Self-directed, results-oriented and ability to work under tight deadlines in a fast-paced environment
• Strong attention to detail, analytical, decision-making, effective document, and process review skills
• Demonstrates strategic thinking in application of security technologies and interoperability
• Certifications a plus such as: CISSP, CISM, CRISC, CISA and other similar IAM related certifications