- To enhance my profession by applying my acquired skills and knowledge and letting myself grow by being exposed to different responsibilities within the Information Security or Information Technology area.
- To work for an organization that prioritizes goals, teamwork and helps their employees to grow proactively and professionally.
Application Security Analyst
- Provides operational support by provisioning, terminating, auditing and analyzing correct access to internal systems used by ADP employees and clients worldwide.
- Responsible in maintaining accurate privileges in platforms and applications by using technologies such as NetSecure, RACF, Active Directory, SAP R1 Netweaver and Oracle Trust GL.
- Responds to access related violations and security incidents and provides assistance through investigation and resolution.
- Identifies risks and gaps in the existing operational security processes and procedures and offers possible resolution and assists on the actual implementation.
- Supports security related projects through UATs and assistance in maintaining development regions accesses and privileges.
Access Control Security Officer
- Responsible for the following Information Security domains: Access Control, Logging and Monitoring, Physical and Environmental Security and Personnel Security.
- Analyze, reviews and approves Change requests according to business requirements and security compliance for access control and functionailities.
- Performed access control security administration tasks using technologies such as Active Directory, LDAP, 3270 (RACF), Windows Servers, CCTV & Biometrics and Oracle - based applications.
- Administer and maintain user and physical access control systems (access matrices, access control criteria, etc).
- Develop and maintains the company’s Access Control Criteria as standard access control requirements for all bank applications.
- Monitor physical and digital logs of applications for access-related control violations.
- Test and improve physical and environmental security deployments.
- Conducts, reviews and approves UAT and SIT scripts to check the effectiveness of the application security requirements and administrative functionalities.
- Implement changes and resolve issues in system parameter settings.
- Manages projects related to Information Security domains.
- Supervise Application and Security Administrator staffs.
- Conduct security awareness trainings.
- Maintain and update the department’s Operations Manual for the assigned domains.
- Analyzes end user desktop issues for escalation to field engineers.
HP TPM Security Manager / Information Security Auditor
- Serves as a Security Consultant for the client and within the organization.
- Create and update documentations concerning policies, procedures, guidelines, processes and standards as agreed with different business units.
- Monitors compliance with Information Security policies and procedures for the organization.
- Monitors the internal control systems to ensure that appropriate access levels are maintained.
- Overseeing the operations through management of the organizations’ security administrators/analysts.
- Selection of appropriate security solutions and oversight of any vulnerabilities and assessments.
- Train employees and promote awareness to ensure system security.
- Confer with users to discuss issues like data privacy and security violations.
- Perform other tasks as required of the Global Operations Manager, or as assigned to Information Security Auditors.
Role & Access Security Engineering Analyst
- Performs SOX and PCI audit for internal control systems to ensure proper administration of security access and its recertification using technologies such as Active Directory, RACF, SQL Database, LDAP, Oracle Identity Management, Unix and Teradata.
- Monthly application tracking and verification of permissions granted to users.
- Provides 3rd level support for security issues.
- Process, role review and system automation for more efficient and timely service delivery.
- Review the company’s existing framework to make sure that it is being followed according to the Sarbanes-Oxley Act and initiate planning for training and awareness, as part of the IT Governance Team.
- Performs other responsibilities as required by the IT Governance Director.