BA Security

We are currently seeking a business analyst with deep level expertise in software security, IAM solutions and federation.

The Analyst will serve as a technical expert for requirements, design and implementation of Identity and Access Management systems and tools.
The analyst will also assess and evaluate integrations to provide resolution of complex system problems and meet evolving business and security
needs. This position will be responsible for understanding and supporting the design of UMG’s organizational, procedural, and technological
security controls within the context of the global regulatory frameworks and its suite of affiliated businesses.

An ideal candidate would be someone that has a solid understanding of the broad aspects of information security and can apply that knowledge to
solve problems at scale. This role requires a broad mix of business and technical acumen coupled with polished communication and a strong desire
to learn. In addition to having strong technical skills, you must be comfortable in effectively communicating with business end users, technical IT
teams, business partners, network providers, and business process outsourced vendors, all while being sensitive to a wide diversity of cultural and
technical backgrounds in a global business environment.

Job Functions:

• Elicits, analyses, specifies, and validates the business needs of stakeholders, be they customers or end users.
• Serve as the subject matter expert for Identity and Access Management including SSO and Federation.
• Work with overall Identity and Access Management Lead, Information Security, and cross-functional partners to build, maintain, and
  execute on a roadmap considering short, medium and long-term access control and operational needs for tools
• Understand technical implementation details for implementing Identity and Access Management and security controls
• Collaborates with project sponsors to determine project scope and vision.
• Conducts interviews to gather customer requirements via workshops, questionnaires, surveys, site visits, workflow storyboards, use
  cases, scenarios, and other methods.
• Identifies and establishes scope and parameters of requirements analysis on a project-by-project basis to define project impact, outcome
  criteria, and metrics.
• Works with stakeholders and project team to prioritize collected requirements.
• Research, reviews, and analyses the effectiveness and efficiency of existing requirements-gathering processes and develop strategies for
  enhancing or further leveraging these processes.
• Participates in the QA of existing solutions to ensure features and functions have been enabled and optimized.
• Participates in the selection of any requirements documentation software solutions that the organization may opt to use.
• Analyses and verifies requirements for completeness, consistency, comprehensibility, feasibility, and conformity to standards.
• Develops and utilizes standard templates to accurately and concisely write requirements specifications.
• Translates conceptual customer requirements into functional requirements in a clear manner that is comprehensible to
  developers/project team.
• Creates process models, specifications, diagrams, and charts to provide direction to developers and/or the project team.
• Develops and conduct peer reviews of the business requirements to ensure that requirement specifications are correctly interpreted.
• Assists with the interpretation of customer requirements into feasible options and communicating these back to the business
  stakeholders.
• Manages and tracks the status of requirements throughout the project lifecycle; enforce and redefine as necessary.
• Communicates changes, enhancements, and modifications of business requirements — verbally or through written documentation — to
  project managers, sponsors, and other stakeholders so that issues and solutions are understood

Job Requirements:

Essential:

• Proven experience with business and technical requirements analysis, elicitation, modelling, verification, and methodology development
• 5+ years of working experience in Identity and Access Management data analysis, and/or information security capacity
• Experience in information security concepts and applying them at scale
• Understanding of internals of security protocols such as LDAP-S, SAML, WS-Federation, SCIM, OAuth, and OIDC
• Understanding of internals of IAM solutions such as Azure Active Directory, Active Roles, Duo, MIM, Okta
• Sound knowledge of all procedures, standards, and regulations for authorization and authentication, applied cryptography, and security
  vulnerabilities.
• Experience independently leading projects to completion
• Experience with working with leadership and engineers
• Able to exercise independent judgment and take action on it
• Excellent analytical, mathematical, and creative problem-solving skills
• Excellent listening, interpersonal, written, and oral communication skills
• Logical and efficient, with keen attention to detail
• Highly self-motivated and directed
• Ability to effectively prioritize and execute tasks while under pressure
• Strong customer service orientation
• Experience working in a team-oriented, collaborative environment

Desirable:

• BS/MS degree in Computer Science, Engineering, Business Administration or a related subject
• Demonstrated excellent technical writing skills
• Multiple language skills a plus.