IT Security Business Analyst
JCPenney Home Office - Plano, TX
BASIC FUNCTION:
Carries out the functions for designing, implementing and administering security applications to support the JCPenney information security
and control program.
PRINCIPAL RESPONSIBILITIES:
1. Carries out assigned tasks in designing, implementing, administering, and monitoring new or existing system security applications for
JCPenney. Maintains the confidentiality of all user and corporate information reviewed, handled, or processed in the course of normal
work assignments.
2. Administers JCPenney proprietary and third party purchased security products across a wide range of client-server, mid-range and
mainframe environments. Handles general security inquiries from users and responds appropriately. Analyzes and resolves security
problems. Communicates security problems and issues with appropriate management contacts. Develops and maintains security
documentation and procedures.
3. Administers the additions, modifications and deletions of user and resource accounts and profiles in various security databases, based
on established security policies and procedures.
4. Reviews appropriate security logs and exception reports. Performs regular monitoring of security violations. Follows up as necessary
to determine source and cause of violations, and resolve suspected violations.
5. Runs miscellaneous DB2 and SQL queries. Develops special security reports as needed for data owners and security administrators.
6. Participates in testing and evaluating upgrades and enhancements to information security tools.
7. Keeps abreast of current and future security technologies, and where appropriate, makes recommendations for implementation of new
security systems and technologies, or enhancements to existing systems.
8. Supports overall Information Security organization as member of team, as assigned.
SKILLS:
Education: College degree, preferably in the computer science area. MCSE and security certification (CISSP) preferable.
Experience: 3 - 5 years' information technology experience.
Core Competencies: Systems security design, project management, attention to detail, analytical skills, written and oral communication skills.
The qualified candidate will a strong background in the following activities:
1. Participate in the development of Business Requirements Documents for IT Risk Management project work.
2. Develop detailed User Acceptance test plans for IT-Risk Management projects
3. Execute User Acceptance Test plans, document results and work with Tech Services as needed to resolve issues that are identified during testing
4. Development of business process maps and process documentation for new or changed processes
5. Review the business process and and final test results with the Information Security Operations team, and provide training ans support as needed
6. Record and track all testing activities in spreadsheets or project plans as needed
7. Sign-off on all User Acceptance Testing
8. Work with the various development groups as they test their customer facing applications to ensure the screens and processes comply with PII policies and procedures To Apply to this job go to http://www.GadBall.com or click here