Cybersecurity and Compliance Analyst

Qurate Retail Group (QRG) is one of the world’s leading multimedia retailers, reaching millions of customers around the globe each day on-air, on-line, and through mobile. To advance the global cybersecurity program, Qurate is seeking for:

Cybersecurity and Compliance Analyst 

to join their dynamic team.

The Cybersecurity IAM Compliance team is responsible for overseeing and ensuring Identity's compliance with regulatory requirements and internal policies related to company IT systems and data, and works closely with other IT teams and departments within the organization to maintain and improve our compliance program.

The Cybersecurity Compliance team reporting into the IAM Compliance Supervisor is a team of analysts responsible for executing successful certifications, SOX controls and PCI assessments.  The compliance team will ensure campaigns evolve as the identity program expands to new markets and platforms within the company, additional applications onboarded and certification campaigns expanded, as well as document all workflows and processes, and maintain support and troubleshooting artifacts.  The team will collaborate within IT and other departments to ensure systems are designed and implemented to meet compliance requirements.

Responsibilities:

-Ensuring the PAR ASCD (Asset Selection Criteria Document) has been updated with technical requirements from control definitions and entitlements are tagged in SailPoint

-Performs heavy QA work to ensure all items in the ASCD are being reviewed via SailPoint or Manual Reviews

-Ensure checklist for staging and executing SailPoint Certification campaigns is followed

-Action the project plan for UARs, conduct tie-outs for completeness and accuracy validation, and prepare application packages for Internal Audit

-Provide support to stakeholders for successful execution of UAR reviews and confirm revokes have been actioned

-Analyze proposed changes to Workday data for impacts to roles and Job Transfer control

-Participate in PCI assessments and provide documentation to the assessors, represent IAM in the move to 4.0 regulations and resulting changes to policies and systems

-Collect voice-of-customer feedback for continuous process improvement

-Maintain metrics and benchmarking data.

Ensures operational governance of the SailPoint IIQ platform to include: 

-Monitors functionality of connectors and data aggregation

-Monitors provisioning tasks to ensure appropriate deprovisioning of entitlements, work with SailPoint engineering teams to review and remediate errors and issues

-Create, update, and maintain IAM policies standards and procedures to support security/regulatory needs

-Participate in compliance activities for SailPoint expansion into Azure

Support the governance of the SailPoint RBAC initiative to include:

-Assist with gathering and documenting requirements from the business for adding and updating roles, obtaining approvals and updating Service Now tickets and workflows

-Performing role composition recertifications

-Maintaining documentation for audit testing

Support the governance of the CyberArk EPM initiative to include:

-Assist with the development of the process and governance for temporary local admin rights

-Collaborate with Service Now and Risk teams to ensure the process meets compliance and risk requirements while focusing on decreasing fulfillment times

-Maintaining documentation and providing end-user support

Support the IAM compliance program by:

-Maintaining and updating policies and procedures related to IT compliance, including workflow management and documentation

-Identifying gaps and contributing the backlog of operational, strategic and/or tactical governance initiatives to reduce risk, increase usability and operational effectiveness

-Participating in design of Service Now forms and owning responsibility for future updates/changes

Requirements:

-Bachelor’s degree in Information Technology, Computer Science, or related field or 2+ years of experience in IT compliance or related field

-Foundational knowledge of Active Directory and MS Office (Exchange, Excel, OneNote, Power Point, Visio)

-Experience working with ticketing systems (Service Now preferred)

-1+ years’ experience working with SailPoint (preferred) or other IAM solutions

-1+ years of SOX/PCI experience

-Solid understanding of IAM best practices across the entire identity lifecycle

-Foundational knowledge of relevant regulations (SOX, PCI, GDPR)

-Problem solver

-Strong attention to detail and ability to manage multiple tasks simultaneously

-Excellent communication and interpersonal skills.

What we offer:
General benefits:

-Hybrid work model combining office & remote work

-Attractively located office with collaboration spaces, gaming room, football table, billiards and showers 

-Onsite parking space for employees 

-Company performance related bonus  

-Referral program with financial bonus 

-Life Insurance 

-Retirement pension plan  

-Budget for development (including language courses and others), clear career path with the possibility to gain experience in international environment 

-Access to internal Learning Lab Platform with multiple trainings oriented for professional growth 

-Access to MyBenefit platform (Multisport included) 

-Team Building activities  

-Charity initiatives  

-Opportunities to volunteer your time to company- driven initiatives, employee networks or organizations of your choice – 1 day/year 

-Working environment promoting diversity and inclusion 

-Private medical care  

-Mental health support line for you and your relatives

Join us as we enrich life’s everyday moments – including yours. Apply today!