Technical Information Security AnalystApply Now
During this time of recommended social distancing, Navient will conduct telephone interviews only until it is safe and permissible to invite candidates to our offices for personal interviews. We look forward to receiving your application and appreciate your flexibility and understanding. This position can be based in Fishers, Indiana or can be a remote work from home if willing travel to Fishers on a as needed basis.
Navient (Nasdaq: NAVI) provides asset management and business processing solutions to education, healthcare and government clients at the federal, state, and local levels. We help our clients and millions of Americans achieve financial success through our services and support. Headquartered in Wilmington, Delaware, Navient employs team members in Western New York, Northeastern Pennsylvania, Indiana, Tennessee, Texas, Virginia, and other locations. Learn more at navient.com.
The Technical Information Security Analyst is responsible for administering system access and providing support for all Navient computer systems, applications, platforms, and devices used in the organization which are managed by the Identity and Access Management team in the Information Security department. Candidate will have well developed understanding of Information Security and Identity and Access Management concepts, principals, and industry “Best Practice” guidelines. The Technical Information Security Analyst handles more complex access requests and conducts detailed research and analysis to identify root cause and resolve issues and problems. The Technical Information Security Analyst supports large scale project initiatives and major system implementations. The Technical Information Security Analyst helps to create and maintain access control matrices and security documentation related to the administration of user access to Navient systems. The individual will utilize communication, analytical, and problem resolution skills to help resolve security and access control problems for users, clients, and technical support staff. Technical Information Security Analyst may also administer and help support various Information Security management programs and initiatives related to computer security, policy and procedures, awareness training, audit coordination, legal matters, legislation and regulatory compliance. This position will also perform routine analysis of security controls, conduct audits, and run reports to help maintain the integrity of Navient’s security systems.
Computer skills, proven technical ability, analytical thinking, organization and project management skills, high attention to detail, self-motivation, enthusiasm, flexibility, good communication skills, and a customer service focused attitude are required.
1. System Security Administration
a. Add, remove, modify and manage user access entitlements, passwords, and account information for various systems including mainframe, network, database, and communication systems used throughout the organization in a timely manner. Meet processing and turnaround times established by internal procedures and guidelines, or as required by SLA’s while still maintaining a customer service focus.
b. Create, apply, and maintain security groups on databases, Active Directory, file shares, and other Navient systems.
c. Plan and support appropriate Identity and Access tasks for large scale project initiatives and major system implementations. Work with senior staff and project teams to determine how to implement security rules, create user accounts, security groups, apply appropriate permissions on systems, and execute tasks as part of the project deliverables.
d. Analyze requests to ensure compliance with all information security standards and policies. Follow all information security policies, procedures, and guidelines when administering security to ensure the security of Navient information systems.
e. Help to create and maintain access control rules, authorized approver lists, access control lists, and job roles to ensure only authorized users obtain access to Navient systems.
f. Ensure all work is appropriately documented for future audits and to meet regulatory compliance requirements.
2. Security Access Problem Resolution
a. Assess and quickly resolve access problems related to security controls on Navient systems while using good judgment to minimize risk exposure to the business.
b. Research system access issues to identify the root cause of the problem and provide recommendations to correct deficiencies or improve performance.
c. Work with more junior staff to help identify and resolve security administration and access control issues. Provide training when necessary to help other staff members learn new systems and technology.
d. Provides direction, consultation, and training for Identity and Access Management staff and emergency after hours support as required in support of the business.
e. Provide after hours and weekend On Call support as part of the rotational staff to ensure issues that occur outside of the normal business day are promptly resolved.
f. Be available to provide security support in the event of an emergency, declared disaster or activation of any Navient BRP initiative.
3. Information Security Project Management
a, Develop detailed project plans in support of assigned projects. Commit to and meet deadlines in both quality and time.
b. Work as part of a project team with other IT areas, responsible for defining and implementing the necessary security tools, technologies and solutions required to ensure project success and meet the Information Security mission.
c. Develop detailed system security documentation, process flow diagrams, and administration manuals for computer security systems, servers, applications and utilities.
4. Identity and Access Management
a. Develop training and security awareness programs.
b. Provide support for internal and external audit reviews and examinations.
c. Perform other duties and special projects as may be assigned.
5.Audit Support as Needed
Bachelors Degree in Computer Science or related area. Additional equivalent experience above the required minimum may substitute for the checked level of education.
- A minimum of 5 years of direct experience in systems security, security administration, systems audit, or security compliance.
- Must be skilled in security software products and tools relating to Identity and Access Management (SailPoint, CyberArk, RSA, SQL, Oracle, etc.) Knowledge of Active Directory, Azure AD, O365, Exchange, Internet security and network security technologies (TCP/IP, firewalls, IDS, Anti-Virus products, etc.) and third party security or audit tools is required. Must be knowledgeable with information security concepts as well as understanding how to implement application level security controls and mechanisms.
- Solid analytical, problem-solving, and customer service skills are critical.Must be focused, energetic, meet commitments, be responsive, be willing to take ownership, have excellent judgement and integrity.Exceptional organizational and time management skills. The ability to manage multiple projects and priorities while ensuring strategic focus is maintained to accomplish department goals and business objectives.
- Excellent oral, written, and interpersonal communication skills, including the ability to communicate effectively with project and application development teams, management, and clients is a must.
- A highly motivated self-starter. Ability and willingness to work flexibly, under pressure and able to meet deadlines without prompting.
- A team player who understands how to build consensus and who can motivate others, and ensure assigned tasks and deliverables are being accomplished, reported, and completed.
- Ability to work with a wide range of people including IT technical analysts and architects, IT Managers/Directors, business unit management, and senior executives.
- ·Strong project leadership, management, and participation skills.Ability to track and complete deliverables to completion.
- This position will support a federal government contract. Applicants must be able to obtain Public Trust security clearance as required of federal government contractors to include a background check conducted by the U.S. Government to determine eligibility and suitability for federal contract employment for public trust or sensitive positions. For this level of clearance, applicants must possess U.S.citizenship.
All offers of employment are contingent on standard background checks. Navient and certain of its affiliated companies are federal, state and/or local government contractors. Should this position support a Federal Government contract, now or in the future, the successful candidate will be subject to a background check conducted by the U.S. Government to determine eligibility and suitability for federal contract employment for public trust or sensitive positions. Positions that support state and/or local contracts also may require additional background checks to determine eligibility and suitability.
EOE Race/Ethnicity/Sex/Disability/Protected Vet/Sexual Orientation/Gender Identity. Navient Corporation and its subsidiaries are not sponsored by or agencies of the United States of America.
Navient is a drug free workplace.