Stefanini is looking for a Security Administrator in Richmond, VA and other multiple locations.
The position is expected to assist with developing fully researched recommendations that consider functional, technical, and business processes and address highly complex issues; and provide input into technical issues and requirements as requested by the Security Lead. Daily duties will include production support, supporting security in non-production environments, maintaining application security, generating and publishing security reports, performing security reviews, reviewing security procedures, troubleshooting user access issues, managing assigned project tasks, testing, and training new security team members.
What You Will Do:Serve as second-level security support with elevated powerful administrative privileges within the applications as a member of the centralized ESO Security team with guidance from the Security Lead regarding associated policies, procedures, and processes focused on the supported platform.Performs senior level day-to-day work with minimal supervision and often with no direction from superiors. Acts with a great deal of discretion within general scope of operational goals and plans.Perform assigned duties for all security aspects of supporting the new platform, ranging from application security policies and procedures to adherence to System-level policies and guidelines.Perform assigned duties for annual security audit activities spanning application, platform, external vendors and providers, and data privacy.Contribute to developing policies and procedures to manage application personas, domain security policies, business process security policies, Reference IDs, segmented security for functional support staff, and the usage of proxy access across the supported platforms.Annual review and updates to security procedures to maintain evolving security access and control environment requirements. Perform assigned tasks to maintain mobile authentication policies, security accounts for technical support resources/integrations, and the Enterprise Password Vaults.Perform assigned tasks related to SaaS vendor testing for annual Security Controls Assessment; SOC reports for SAFR and contribute to documentation/remediation for POAMs.Perform assigned tasks to support the ESO Data Management and Analytics Office team to implement security design and controls associated with platform reporting in Ariba and Workday as well as analytical platforms such as Workday Adaptive, Alteryx and PRISM.Develop and execute quality and assurance test plans to verify delivery of required security functionality.Trains new or less-experienced staff; provides instruction and reviews output to ensure understanding.Ensures that all work is performed in adherence to accepted industry standards and regulations.Identifies operational efficiencies, seeks improvements to information security processes by evaluating and refining processes and procedures.Participates in client relationships and enforce roles and responsibilities and upholds service level agreements. Often interacts with all management levels, providing the appropriate level of detail based on expertise to address and resolve highly complex protection of critical systems issues.Provides recommendations and interpretations to key stakeholders on IT information security issues.
Qualifications & Competencies:Senior understanding of FRS enterprise orientation and aspects of the technical environment as it relates to the functional operation of the supported applications.6 year of IT experience; 2-4 years of progressively responsible experience focused on information security with a preference for SAFR certification.1-2 years of experience with large scale ERP application security with demonstrated knowledge of HR and Finance business processing and supporting security within an application.Experience with Workday security strongly preferred.Exercises independent judgment, makes decisions, resolves issues, and achieves results based on considerable training and experience.Senior technical knowledge of, and ability to interpret and apply, information security fundamentals, technologies, risks, client policies and procedures, IT governance standards (SAFR, COSO, ISO17799, ITIL, NIST 800-53, etc.). Senior expertise in problem solving, creativity and innovation to determine problem areas and provide fresh approaches to solving highly complex, significant IT security problems. Senior analytical, planning, problem-solving, and organizational skills required to evaluate alternatives and recommend solutions proactively, taking interdependencies into account. Proven outstanding oral and written communication with experience conveying technical information. Senior communication skills to create customer communications, negotiate with customers, Board of Governors, technical staff, and management.Results-oriented with a drive toward delivering value through standardization and ongoing improvements aligned to business needs.Learning mindset geared toward innovation and creativity for applying technology capabilities in new ways, necessary for both the delivery of effective technology and business solutions. Flexible and nimble working style that can shift quickly to new priorities and delivery of outcomes based on business needs.Accepts accountability and ownership for responsibility area and continuously adds value while establishing trust within the team. Demonstrates ability to delve into complex issues from a base of general knowledge. Senior project management skills to contribute to complex projects, monitor tasks, provide guidance to other staff, and identify, track and mitigate risks. Ability to work effective in a team environment and to perform as a self-starter.
$110,000.00 - $130,000.00 /Year
IT & Technical