Regions Bank
Identity and Access Management (IAM) Analyst
Regions Bank, Charlotte, North Carolina, United States, 28245
Identity and Access Management (IAM) Analyst
Thank you for your interest in a career at Regions. Regions believes associates deserve more than just a job and offers performance-driven individuals a place to build a career with opportunities for growth. If you are results-oriented, devoted to quality, integrity, and driving success, we encourage you to apply.
Regions is dedicated to safeguarding private and personally identifiable information submitted for job opportunities. Information will be collected and reviewed by Regions associates, consultants, and vendors to evaluate qualifications and experience and will not be used for marketing, sold, or shared outside Regions unless required by law. Information will be stored in accordance with regulatory requirements and Regions’ Retention Schedule for a minimum of three years. You may review or update your information by visiting the careers section of the system.
Job Description
At Regions, the Cyber Security Analyst is responsible for analyzing, identifying, and documenting cybersecurity risks. This role requires a proactive individual with an understanding of core technology and cybersecurity principles, along with industry best practices, to investigate, remediate, and/or escalate for further evaluation.
Primary Responsibilities
Analyze and respond to cyber threats within various security tools according to documented procedures
Collaborate with stakeholders within Cyber Security/Technology departments and standard owners to document and communicate security risks
Support a feedback loop related to information and events to improve analysis precision and accuracy
Review and understand Policies, Standards, and Procedures to improve process flows
Performs threat hunting, participate in tabletop exercises, and assist in Incident Response on a rotational basis as needed
Maintain meticulous records of work performed, including root cause analysis, indicators of compromise, remediation steps, timeline of events, and impact assessment
Stay abreast of global cybersecurity threat trends
Support and collaborate with cybersecurity teams to document security posture and assess environment for relevant IOCs and gaps
Participate in and document various security assessments (e.g., Security Architecture Reviews, Red Team, Purple Team engagements, tabletop exercises) as needed
Analyze software for violations of Regions Cyber Security standards
Act as a coach and mentor to junior analysts
May lead special projects
Note: This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.
Requirements
High School Diploma or GED and (8) years of related post-secondary education and/or experience in Information Security or Information Technology
Minimum of two relevant certifications in Information Security or ability to obtain relevant certification within twelve months (e.g., CompTIA Network+/Security+/CySA+, CEH, CCNA/CCNA-Security, GIAC GSEC)
Willingness and ability to work on a pre-determined shift and rotational on-call
Preferences
Minimum of one Intermediate to Advanced AWS or Azure Architect/Administrator and/or Security specialty certification
Advanced Incident Response, Cyber Leadership, Penetration Testing certifications (e.g., GCIH, GSOM, GPEN, CISSP, CISM, OSCP)
Prior experience in a Security Operations Center (SOC) environment
Experience developing use cases for an SOC from threat hunting and threat detection engineering to investigation playbooks and response procedures
Understanding of MITRE ATT&CK Framework and Cyberattack Kill Chain to identify gaps and orient analysts
Skills And Competencies
Self-starter with initiative and drive for continuous improvement
Team-oriented with a focus on collective success
Advanced understanding of information security principles, controls, and technologies
Strong organizational, research, analytical, and problem-solving skills
Excellent writing and verbal communication skills
Familiarity with security disciplines such as malware analysis, forensics, incident response, intrusion detection, traffic and packet analysis, vulnerability management, and threat intelligence
Strong investigative and problem-solving abilities
Additional Responsibilities For This Opportunity
Partner with Regions teams to gather requirements for application onboarding to Sailpoint IIQ
Lead meetings to gather requirements and create onboarding and provisioning documentation
Analyze RBAC and define/modify roles in Sailpoint
Troubleshoot connection and access provisioning issues in Sailpoint
Coordinate with IGA team members to meet timelines
Serve as a subject matter expert (SME) and provide support for the IGA solution
Additional Preferences
Sailpoint IIQ or Sailpoint Identity Security Cloud experience
Experience with RBAC and automated provisioning/deprovisioning in Sailpoint
Experience with ServiceNow
Experience with JIRA
Experience with SQL
This position is intended to be onsite, with regular in-office hours. The manager sets the work schedule, including in-office expectations. Regions will not provide relocation assistance.
Position Type
Full-time
Compensation Details Pay ranges are provided as market references for compensation decisions. Factors affecting pay include experience, skills, knowledge, contribution, location, and performance.
Minimum Job Range Target: $96,641.60 USD
Median $125,240.00 USD
Incentive Pay Plans This job is not incentive eligible.
Benefits Information Regions offers a comprehensive benefits package. The following is a synopsis for informational purposes and not a complete summary of terms and conditions.
Paid Vacation/Sick Time
401K with Company Match
Medical, Dental and Vision Benefits
Disability Benefits
Health Savings Account
Flexible Spending Account
Life Insurance
Parental Leave
Employee Assistance Program
Associate Volunteer Program
Please note benefits may change. For more details, visit Regions’ benefits portal: https://www.regions.com/about-regions/welcome-portal/benefits
Location Details Riverchase Operations Center, Hoover, Alabama
Equal Opportunity Employer/including Disabled/Veterans
Job applications are accepted electronically through our career site for a minimum of five business days from posting. Higher-volume postings may remain active longer due to business need.
#J-18808-Ljbffr
Regions is dedicated to safeguarding private and personally identifiable information submitted for job opportunities. Information will be collected and reviewed by Regions associates, consultants, and vendors to evaluate qualifications and experience and will not be used for marketing, sold, or shared outside Regions unless required by law. Information will be stored in accordance with regulatory requirements and Regions’ Retention Schedule for a minimum of three years. You may review or update your information by visiting the careers section of the system.
Job Description
At Regions, the Cyber Security Analyst is responsible for analyzing, identifying, and documenting cybersecurity risks. This role requires a proactive individual with an understanding of core technology and cybersecurity principles, along with industry best practices, to investigate, remediate, and/or escalate for further evaluation.
Primary Responsibilities
Analyze and respond to cyber threats within various security tools according to documented procedures
Collaborate with stakeholders within Cyber Security/Technology departments and standard owners to document and communicate security risks
Support a feedback loop related to information and events to improve analysis precision and accuracy
Review and understand Policies, Standards, and Procedures to improve process flows
Performs threat hunting, participate in tabletop exercises, and assist in Incident Response on a rotational basis as needed
Maintain meticulous records of work performed, including root cause analysis, indicators of compromise, remediation steps, timeline of events, and impact assessment
Stay abreast of global cybersecurity threat trends
Support and collaborate with cybersecurity teams to document security posture and assess environment for relevant IOCs and gaps
Participate in and document various security assessments (e.g., Security Architecture Reviews, Red Team, Purple Team engagements, tabletop exercises) as needed
Analyze software for violations of Regions Cyber Security standards
Act as a coach and mentor to junior analysts
May lead special projects
Note: This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.
Requirements
High School Diploma or GED and (8) years of related post-secondary education and/or experience in Information Security or Information Technology
Minimum of two relevant certifications in Information Security or ability to obtain relevant certification within twelve months (e.g., CompTIA Network+/Security+/CySA+, CEH, CCNA/CCNA-Security, GIAC GSEC)
Willingness and ability to work on a pre-determined shift and rotational on-call
Preferences
Minimum of one Intermediate to Advanced AWS or Azure Architect/Administrator and/or Security specialty certification
Advanced Incident Response, Cyber Leadership, Penetration Testing certifications (e.g., GCIH, GSOM, GPEN, CISSP, CISM, OSCP)
Prior experience in a Security Operations Center (SOC) environment
Experience developing use cases for an SOC from threat hunting and threat detection engineering to investigation playbooks and response procedures
Understanding of MITRE ATT&CK Framework and Cyberattack Kill Chain to identify gaps and orient analysts
Skills And Competencies
Self-starter with initiative and drive for continuous improvement
Team-oriented with a focus on collective success
Advanced understanding of information security principles, controls, and technologies
Strong organizational, research, analytical, and problem-solving skills
Excellent writing and verbal communication skills
Familiarity with security disciplines such as malware analysis, forensics, incident response, intrusion detection, traffic and packet analysis, vulnerability management, and threat intelligence
Strong investigative and problem-solving abilities
Additional Responsibilities For This Opportunity
Partner with Regions teams to gather requirements for application onboarding to Sailpoint IIQ
Lead meetings to gather requirements and create onboarding and provisioning documentation
Analyze RBAC and define/modify roles in Sailpoint
Troubleshoot connection and access provisioning issues in Sailpoint
Coordinate with IGA team members to meet timelines
Serve as a subject matter expert (SME) and provide support for the IGA solution
Additional Preferences
Sailpoint IIQ or Sailpoint Identity Security Cloud experience
Experience with RBAC and automated provisioning/deprovisioning in Sailpoint
Experience with ServiceNow
Experience with JIRA
Experience with SQL
This position is intended to be onsite, with regular in-office hours. The manager sets the work schedule, including in-office expectations. Regions will not provide relocation assistance.
Position Type
Full-time
Compensation Details Pay ranges are provided as market references for compensation decisions. Factors affecting pay include experience, skills, knowledge, contribution, location, and performance.
Minimum Job Range Target: $96,641.60 USD
Median $125,240.00 USD
Incentive Pay Plans This job is not incentive eligible.
Benefits Information Regions offers a comprehensive benefits package. The following is a synopsis for informational purposes and not a complete summary of terms and conditions.
Paid Vacation/Sick Time
401K with Company Match
Medical, Dental and Vision Benefits
Disability Benefits
Health Savings Account
Flexible Spending Account
Life Insurance
Parental Leave
Employee Assistance Program
Associate Volunteer Program
Please note benefits may change. For more details, visit Regions’ benefits portal: https://www.regions.com/about-regions/welcome-portal/benefits
Location Details Riverchase Operations Center, Hoover, Alabama
Equal Opportunity Employer/including Disabled/Veterans
Job applications are accepted electronically through our career site for a minimum of five business days from posting. Higher-volume postings may remain active longer due to business need.
#J-18808-Ljbffr