Job Purpose/Mission/Summary Lexmark is looking for an experienced information security professional who will be responsible for assessing information security risks in Lexmark's environments. This person will be developing processes and standards to address these risks, and will assist Lexmark Cybersecurity, IT, and business units in complying with identity certification processes while building awareness and engagement. They will be responsible for working with architecture and governance teams to automate several identity certification practices as well as improving overall audit and security policies. They must have a strong ability to communicate and balance competing priorities.
What you will be doing: Drive and manage the semi-annual access certification process. Document access certification processes and project requirements to improve access certification automation. Be responsible for testing and reviewing identity requirements, controls, and technology solutions. Analyze policy exceptions and audit findings with access certification processes. Assist security solution design efforts and analysis related to the introduction of recent technologies that impact identities. Support various compliance activities and evaluate the impact of changing regulations, including but not limited to ISO 27001, ISO 20243, SOC2, FedRamp, CMMC (Cybersecurity Maturity Model Certification), etc. Assist cybersecurity teams with escalated incidents or audit findings by performing deep-dive analysis and correlation from various sources. Work independently on assigned tasks and projects with minimal management oversight and guidance. Be able to work with an agile framework for work tasks and special projects as assigned. Be a cybersecurity advocate and stay up to date with the latest security threats, news, and technologies and provide necessary risk mitigation. Communicates and interacts with personnel and management at various levels across the organization and in other geographies. Communicates results and project status effectively to management. Executes special projects as assigned. Must-have qualifications, Education, Skills and Experience: Bachelor's degree in computer science, engineering, or cybersecurity or related field 5+ years of experience of Information Technology experience Understanding of user-lifecycle management Understanding of directory services Excellent organizational, communication, documentation, and project management skills Has familiarity and general understanding of identity and security