at Meta in Springfield, Illinois, United States
Job Description
Summary:
Meta is seeking an experienced InfoSec, Access Management Analyst to join the Information Security team. This position will be responsible for understanding and supporting the design of Meta’s organizational, procedural, and technological security controls within the context of the global regulatory frameworks applicable to Meta and its suite of affiliated businesses (Instagram, Oculus, WhatsApp, etc.). This analyst will support the access compliance function and will be responsible for compliance and governance activities related to the Identity and Access Management domain across Meta. The analyst will also assess and evaluate integrations to provide resolution of complex system problems and meet evolving business and security needs. An ideal Security Analyst – Access Management is someone that has a solid understanding of the broad aspects of information security and can apply that knowledge to solve problems at scale. This role requires a broad mix of business and technical acumen coupled with polished communication and a strong desire to learn.
Required Skills:
Access Management – Security Analyst Responsibilities:
1. Understand the security needs of internal and external stakeholders, regulators, and auditors. Support IAM related controls for an increasing number of regulations including SOX, SOC2, PCI and ISO27001
2. Support the communication of policies, procedures, and processes to internal stakeholders regarding security and compliance best practices around applicable laws, regulations, and controls
3. Work with cross-functional teams to assess business and access workflows, review internal and external tools for risk concerns, address permission gaps, and improve data quality
4. Support the development of new standards, policies, and guidelines and necessary modifications to existing ones
5. Provide walkthroughs to external regulators and auditors on Access Management controls and safeguards. Negotiate with regulators to get to an agreed upon approach that is compliant to regulatory requirements as well as aligns with Meta’s internal approach and needs
6. Continuously assess and drive improvements of internal Meta tools, technical capabilities, and business processes to improve technical enforcement of access management and enforcement principals by working with business and software engineering partners
7. Support the identification, implementation, and maintenance of automated technical security controls required by various technical regulatory compliance frameworks
8. Guide the development of administrative and enforcement tools, access controls, alerts and anomaly detection, escalation workflows, and UX design
9. Serve as the technical subject matter expert for access management at Meta
10. Work with overall Access Management Lead, Information Security, and cross-functional partners to build, maintain, and execute on a roadmap considering short, medium, and long term access control and operational needs for tools
11. Understand technical implementation details for implementing access management and security controls
12. Oversee operations team responsible for performing access reviews on a periodic basis of the company assets
13. Perform and oversee periodic review of existing Security controls and safeguards
14. Ensure successful transition of project deliverables to support/maintenance/operations teams
Minimum Qualifications:
Minimum Qualifications:
15. 5+ years of working experience in access management data analysis, and/or information security capacity
16. Understanding of SOX and SOC2 controls. Experience to communicate effectively to internal and external auditors
17. Experience in information security concepts and applying them at scale
18. Experience independently leading projects to completion
19. Experience with working with leadership and engineers
20. Experience working independently and collaboratively across various levels and teams
21. Communication, presentation, and interpersonal experience
22. Experience working across cross-functional teams
23. Experience managing competing priorities and simultaneous projects
24. Experience in SQL (Oracle, Vertica, Hive, MySQL, etc.), data visualization (Tableau or other), and Excel
Preferred Qualifications:
Preferred Qualifications:
25. BA/BS in Computer Science or equivalent, Math, Statistics, Economics, Physics, or equivalent quantitative field
26. Strong desire to learn and continuously develop and deepen technical skills
27. Familiarity with scripting languages, SQL, PHP, python, and web development
28. Certifications in one or more of the following areas: CISSP, CISA, CISM, GISO, GCIH, CIPP
29. Strong track record of understanding and interest in current and emerging technologies demonstrated through training, job experience and/or industry activities
30. Independent worker and motivated self-starter, thrives on ambiguity
31. Change-oriented – proactively generates process improvements, supports, and drives change, and confronts difficult circumstances in creative ways
Public Compensation:
$130,000/year to $185,000/year + bonus + equity + benefits
Industry: Internet
Equal Opportunity:
Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.
Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.
