Identity and Access Management (IAM) Analyst

Job description

Thank you for your interest in a career at Regions.

At Regions, we believe associates deserve more than just a job.

We believe in offering performance-driven individuals a place where they can build a career --- a place to expect more opportunities.

If you are focused on results, dedicated to quality, strength and integrity, and possess the drive to succeed, then we are your employer of choice.

Regions is dedicated to taking appropriate steps to safeguard and protect private and personally identifiable information you submit.

The information that you submit will be collected and reviewed by associates, consultants, and vendors of Regions in order to evaluate your qualifications and experience for job opportunities and will not be used for marketing purposes, sold, or shared outside of Regions unless required by law.

Such information will be stored in accordance with regulatory requirements and in conjunction with Regions’ Retention Schedule for a minimum of three years.

You may review, modify, or update your information by visiting and logging into the careers section of the system.

**Job Description:**

At Regions, the Cyber Security Analyst is responsible for analyzing, identifying, and documenting cybersecurity risks.

This role will require a proactive individual with an understanding of core technology and cybersecurity principles along with industry best practices to investigate, remediate and/or escalate for further evaluation.

**Primary Responsibilities**

+ Analyze and respond to cyber threats within various security tools according to documented procedures
+ Collaborates with various stakeholders within Cyber Security/Technology departments and standard owners to properly document and communicate security risks
+ Proactively supports a feedback loop related to information and events in order to identify and support the remediation of improving precision and accuracy of analysis
+ Review and understand Policies, Standards, and Procedures for improved process flows.
+ Performs threat hunting, participate in tabletop exercises, and assist in Incident Response on a rotational job-duty basis as needed
+ Maintains meticulous records of all work performed, including root cause analysis, indicators of compromise, remediation steps, timeline of events, and impact assessment using clear and concise annotations as needed
+ Stays abreast of global cybersecurity threat trends
+ Supports and collaborates with various cybersecurity teams to document security posture and assess environment for relevant IOCs and gaps
+ Participates in and ensures proper documentation of various security assessments (i.e. Security Architecture Reviews, Red Team assessments, Purple Team engagements, and formal tabletop exercises) as needed
+ Analyzes software for violations in Regions Cyber Security standards as needed
+ Acts as a coach and mentor to junior analysts
+ May lead special projects

This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.

**Requirements**

+ High School Diploma or GED and (8) years of related post-secondary education and/or experience in Information Security or Information Technology
+ Minimum of two (2) relevant certification in Information Security or the ability to obtain relevant certification within twelve months of start date in this position, such as CompTIA Network+/Security+/CySA+, EC-Council Certified Ethical Hacker (CEH), Cisco CCNA/CCNA-Security, GIAC GSEC, etc.
+ Willingness and availability to work on a pre-determined shift and rotational on call

**Preferences**

+ Minimum of one (1) Intermediate to Advanced Amazon Web Services (AWS) or Azure Architect/Administrator and/or Security specialty certification
+ Advanced Incident Response, Cyber Leadership, Penetration Testing certification – GCIH, GSOM, GPEN, CISSP, CISM, OSCP
+ Prior working experience in a Security Operations Center (SOC) environment
+ Prior experience developing use cases for a Security Operations Center (SOC) from threat hunting and threat detection engineering to investigation playbook and response procedure development
+ Understanding of MITRE ATT&CK Framework and Cyberattack Kill Chain and how these frameworks can be used to identify gaps as well as orient analysts in attack progression

**Skills and Competencies**

+ Ability to be a self-starter with initiative and drive for continuous improvement.
+ Ability to be a team-oriented individual who works well with others and places a premium on the group’s success
+ Advanced understanding of information security principles, controls, and technologies
+ Demonstrated strong organizational, research, analytical and problem-solving skills to evaluate situations and respond appropriately
+ Excellent writing and verbal communication skills
+ Strong familiarity with concepts related to security disciplines such as: malware analysis, computer forensics, cyber incident response, network intrusion detection, network traffic and packet analysis, penetration testing, vulnerability scanning, compliance, audit, or cyber threat intelligence.
+ Strong investigative and problem-solving skills

**Additional Responsibilities for this Opportunity:**

+ Partner with other business and IT organizations within Regions to gather requirements for application onboarding to Sailpoint IIQ
+ Coordinate and assist with leading meetings to gather requirements
+ Create and maintain onboarding and provisioning documentation
+ Perform analysis for role-based access controls (RBAC) and define/modify roles in Sailpoint
+ Troubleshoot connection failures for applications defined in Sailpoint
+ Troubleshoot access provisioning failures and determine root cause
+ Coordinate with other IGA team members to ensure timelines are met
+ May serve as an SME and provides support for IGA solution

**Additional Preferences:**

+ Sailpoint IIQ or Sailpoint Identity Security Cloud experience
+ Experience with role-based access controls and configuring automated provisioning and deprovisioning in Sailpoint
+ Experience with ServiceNow
+ Experience with JIRA
+ Experience with Structured Query Language (SQL)

_This position is intended to be onsite, now or in the near future.

Associates will have regular work hours, including full days in the office three or more days a week.

This position must be within a reasonable driving distance to a Branch, Consumer Operations, or Professional Office Building with the primary location being for_ **_Birmingham, AL, Nashville, TN, Atlanta, GA or Charlotte, NC._** _The manager will set the work schedule for this position, including in-office expectations.

Regions will not provide relocation assistance for this position, and relocation would be at your expense._

**Position Type**

Full time

**Compensation Details**

Pay ranges are job specific and are provided as a point-of-market reference for compensation decisions.

Other factors which directly impact pay for individual associates include: experience, skills, knowledge, contribution, job location and, most importantly, performance in the job role.

As these factors vary by individuals, pay will also vary among individual associates within the same job.

The target information listed below is based on the Metropolitan Statistical Area Market Range for where the position is located and level of the position.

**Job Range Target:**

**_Minimum:_**

$96,641.60 USD
**_Median:_**

$125,240.00 USD

**Incentive Pay Plans:**

This job is not incentive eligible.

**Benefits Information**

Regions offers a benefits package that is flexible, comprehensive and recognizes that one size does not fit all for benefits-eligible associates.

(https://www.regions.com/about-regions/benefits/benefits-eligibility) Listed below is a synopsis of the benefits offered by Regions for informational purposes, which is not intended to be a complete summary of plan terms and conditions.

+ Paid Vacation/Sick Time
+ 401K with Company Match
+ Medical, Dental and Vision Benefits
+ Disability Benefits
+ Health Savings Account
+ Flexible Spending Account
+ Life Insurance
+ Parental Leave
+ Employee Assistance Program
+ Associate Volunteer Program

Please note, benefits and plans may be changed, amended, or terminated with respect to all or any class of associate at any time.

To learn more about Regions’ benefits, please click or copy the link below to your browser.

https://www.regions.com/about-regions/welcome-portal/benefits

**Location Details**
Riverchase Operations Center

**Location:**
Hoover, Alabama

Equal Opportunity Employer/including Disabled/Veterans

Job applications at Regions are accepted electronically through our career site for a minimum of five business days from the date of posting.

Job postings for higher-volume positions may remain active for longer than the minimum period due to business need and may be closed at any time thereafter at the discretion of the company.

Required Skill Profession

Other General