Senior Information Security Analyst
Position Summary: The Senior Information Security Analyst – User Management is responsible for advanced support of the administration and implementation of user management activities and related projects for the Information Security group through daily operational assistance in the areas of user, access, and authorization management, in order to support and fulfill the requirements of internal and external customers across the North American region (ZN) in accordance with respective certification standards as well as relevant internal ZF standards and directives. Often provides direction and instruction to the lower levels of information security analysts.
• Advanced support of daily operations for the ZF User Management (ZUM) group across Region North America; this group supports the ZF User Management and Information Protection guidelines and principles through management of user accounts, as well as access and authorization rights.
• Works on variety of projects involving the implementation of global processes, standards, practices, and guidelines.
• Provides direction and instruction to the lower levels of information security analysts.
• Identifies options for potential solutions to major/complex issues, and assesses them for both technical and business suitability
• Create and maintain master data of internal and external employees in the global directory service (GDS).
• Create user accounts in the required IT systems (e.g. SAP, Axalant, Active Directory, etc.)
• Delete and/or delimit user accounts and access rights upon employee termination.
• Communicate technical concepts, information, and service-related topics to all levels of the organization.
• Define enterprise roles according to Role Based Access Control (RBAC) principle.
• Derive IT system-specific roles from new ERP system implementations.
• Assign roles and individual rights to users in accordance with ZUM standards and principles.
• Modify roles and/or individual right assignments in the event of job transfers/changes.
• Support the review and optimization of ZUM processes within the region.
• Adhere to global User Management standards and ensure compliance with group directives.
• Develop working relationships with internal and external business partners (i.e. IT, HR, etc.).
• Adhere to and ensure compliance with ZF standard processes, procedures, and systems.
• Participate in continuous improvement programs and provide support to team efforts.
• Maintain professional and technical knowledge by attending educational workshops, formal training, reviewing professional publications, establishing and expanding professional networks, and participating in professional societies.
• Understand, support, and comply with all TS 16949 requirements and processes.
• Perform other duties as assigned.
Essential Skills and Experience:
• Bachelor’s Degree in Information Systems, Computer Science, or related field
• 6+ years of experience (including internship and/or co-op experience) in the Information Security field encompassing a majority of the following areas – user and authorization management, information and data protection, IT security, and IT incident management
• 6+ years of experience providing customer support and resolution regarding technical issues
• Expert working knowledge of IT systems related to Windows Active Directory, Product Lifecycle Management (PLM), Enterprise Resource Planning (ERP), and/or Business Intelligence (BI) software
• Expert knowledge on SAP authorization concepts
• In-depth knowledge of user and authorization/rights administration concepts, best practices, and commonly-used procedures
• Proficient with Microsoft Office (e.g. Excel, Word, PowerPoint, Project etc.)
• Proven analytical abilities in addition to strong troubleshooting/diagnostic skills with a high attention to detail
• Ability to work independently in a fast paced, high-volume environment
• Proven ability to interface with cross-functional teams and all levels of personnel and management
• Ability to guide/train other analysts in the application of information security concepts, practices, and principles
• Proficient with oral and written English
• Solid organization and time/project management skills
• Willingness/ability to travel (both domestic and international)
• Ability/willingness to meet flexible schedule arrangements per customer requirements (i.e. off-shifts)
Preferred Skills and experience:
• 10+ years of experience in Information Security or related field
• Advanced experience with user and authorization management, specifically for SAP
• Advanced experience with an Incident Management System (i.e. IT ticketing systems)
• Advanced experience with an Identity Management System
• Expert knowledge about PLM, ERP, and BI software (e.g. Axalant, SAP, etc.)
• ITIL®, MCSE, CompTIA, A+ or related Information Systems certifications
• Experience in the Automotive industry
• German and/or Spanish language skills
ZF North America, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. ZF North America, Inc. complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. ZF North America, Inc. expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of ZF North America, Inc. employees to perform their expected job duties is absolutely not tolerated.