Eric Smith
Details
Lowe's Companies, Inc.
Imformation Security Analyst
LPL Financial, Charlotte NC 09/2014-Present
Senior Identity & Access Management Analyst
Governance Risk & Compliance
• Direct the design , development and administration of LPL’s Identity Access Management Program
• Represent the GRC Infrastructure Risk Organization and work with leaders and key stakeholders in IT, Audit and business units to align business rules and application entitlements within the IAM governance framework
• Conduct data gathering and analysis for compliance readiness
• Respond to audit request internally and externally
• Test and verify technical security controls are in place and effective
• Assist with the research of security issues & vulnerabilities
• Perform associated risk assessments of technical controls
• Configure and schedule application certifications
• Monitor certification performance and status
• Perform identity correlations
• Run entitlement reports
• Assist IT with integrating new applications into SailPoint IIQ
• Participate on projects to onboard applications into the corporate entitlement management tool
• Work with application teams to acquire account data, coordinate automated data collections, and document the collection configuration
• Interact with application owners to understand the application account structure and develop data extraction options for user account and entitlement data
• Familiar with role-based access control (RBAC)
• Design solutions that integrate with the current IAM platform including provisioning, de-provisioning and integration of applications for authentication
• Maintain alignment of IAM vision with Information Security objectives and business requirements
• Establish a continual service improvement plan and improve overall IAM service, focusing on operational, process and resource efficiency
• Familiar with Agile and Waterfall frameworks
• Familiar with application connectors
2014 :
LPL Finanical
Senior Identity & Access Management Analyst
• Work with IAM architects, application developers and project managers to build, configure, test and implement IAM solutions
• Integrate IAM systems with in-house and third party applications for provisioning, identity authentication and systems resources authorization
• Work with business unit (BU) and corporate function (CF) managers to understand business requirements, enterprise IT standards and other considerations that influence how IAM solutions and services should perform and operate
• Lead quality control and quality assurance activities, such as developing and executing test plans / scripts
• Experience in role base analysis and designing/implementing roles based access solutions
• Use IDM Provisioning Manager to create accounts, add and remove entitlements, activate or suspend accounts, add roles and reset passwords
• Analyze and resolve issues related to automation
• Knowledge on CA IDM suite (Provisioning Manager, Identity Minder, Connector Server, Report Server, Connect Express and Policy Express )
• Understanding LDAP& AD/ OU structures
• Work with Service Now architects to develop and implement access request forms/workflows for provisioning / de-provisioning of user access
• Knowledge of Single Sign On , Federation (Authentication)
• Work as a Security Analyst responsible for ensuring a secure operation of in-house computer systems, servers and network devices
• Provision and de-provision access to 240 applications on 21 platforms
• Proven ability to collaborate with others, initiate action, manage risk, navigate change and accept challenging assignments.
• In-depth knowledge of platforms, applications and databases including but not limited to : Active Directory, Mainframe
• Create home directories, shared directories and move folders to different locations in Windows operating systems
• Knowledge of Security concepts, privacy, and the SOX process
• Develop, maintain and modify security procedures
•
1993 :
TIAA-CREF
Sr. Information Security Analyst
2014 : 2016
LPL Financial
Sr Security Analyst
About
• Analyze and define business roles for inclusion into the Role Based Access Control (RBAC) solution (CA Identity Governance) for the enterprise by consulting with business units.
• Support the identity governance integration design by providing insight at design sessions with cross functional Agile teams across the enterprise to help translate requirements into workable business solutions.
• Work with key stakeholders to develop and/or update Information Security Policies and Standards.
• Perform role discovery and refactoring using CA Discovery and Audit (Client Tool).
• Create roles using both top-down and bottom – up approach.
• Create certifications templates (User, Role and Resource).
• Create certification email notification templates (initial, escalation and final emails).
• Execute monitor and close entitlement certification campaigns, provide ad hoc reports to management upon request.
• Work with key stakeholders to create a role lifecycle processes that includes role definition, role approval, role retirement, role recertification, and role maintenance.
• Work on projects to onboard applications into the CA Identity Manager/ Governance tools (this includes working with application teams to acquire account data, coordinate automated data collections, and document the collection configuration).
• Work with business stakeholders and application developers to identify Segregation of Duties (SOD) entitlements and define a policy in the IAM software.
• Subject matter expert on identity management provisioning processes (e.g. joiner, mover, leaver (JML) and access request and recertification)
• Extensive experience with QA testing (usability testing, performance testing, automated testing, regression testing, test scripts, test cases and test plans).
Profile Photo
