IT Infrastructure Controls Analyst

Job Title

IT Infrastructure Controls Analyst

Job Description Summary

We are seeking a highly motivated and detail-oriented Infrastructure IT Controls Analyst to join our team. This role will be responsible for performing critical infrastructure-related controls, ensuring compliance, and supporting the implementation of security and access management procedures. This role will focus primarily on facilitating user access reviews, executing infrastructure related IT controls, identifying potential risks, and working with cross-functional teams to ensure that all infrastructure operations align with organizational standards and regulatory requirements.

This role will work the second shift with working hours from approximately 2pm-10pm or  4pm-12pm PHT, with some flexibility.

Job Description

Responsibilities:

• Perform daily, weekly, and monthly control operations related to the company’s internal compliance program including general IT controls, information security controls, minimum standards and other controls and processes as necessary to evaluate compliance with internal company policies and guidelines.
• Ensure that all deliverables related to control operations and compliance reporting are submitted on time and meet organizational and regulatory standards.

• Coordinate and facilitate periodic and ad-hoc user access reviews for critical infrastructure systems, ensuring all stakeholders participate and access is properly reviewed, secure, and compliant with organizational policies and regulatory requirements.
• Track the status of ongoing control operation activities. Maintain accurate records of tasks, deliverables, and deadlines.
• Support internal and external audit efforts related to infrastructure security controls, including preparation of required documentation and tracking of action items.
• Identify potential control exceptions and report, escalate, and remediate as required
• Identify and document potential process improvements
• Maintain documentation of control operation procedures, evidence and review activities
• Assist in maintaining and enforcing security policies and access controls across the organization's IT infrastructure.
• Collaborate with the IT and Security teams to ensure proper provisioning and de-provisioning of user access to infrastructure systems.
• Work closely with infrastructure, security, and compliance teams to ensure seamless integration of controls into daily operations.
   

Qualifications:

• Degree or equivalent work experience in computer science, information systems, or related field
• 2+ years of experience in IT security, infrastructure operations, or IT governance with a focus on infrastructure and control operations.
• Solid understanding of infrastructure systems, including servers, databases, Active Directory, password vault tools and cloud environments (Microsoft Azure).
• Experience with identity and access management (IAM) tools and systems.
• Knowledge of standards e.g., ISO 27001, ISO 27701, ISAE 3402 / SSAE 16 , SOC 1, SOC 2, SOX GITC, COBIT.
• Relevant certifications such as CISSP, CISM, or CompTIA Security+ are a plus
• Strong ability to assess risks, analyze data, and provide actionable insights
• Excellent written and verbal communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders.
• Ability to identify and address discrepancies, potential security risks, and compliance gaps
• Strong interpersonal skills to successfully communicate with stakeholders by phone, in documentation, via email, and in meetings and workshops
• Ability to work cross-functionally and across divisions with others
• Strong troubleshooting and analytical skills to resolve issues related to access control and infrastructure security
• Solid understanding of how an information security organization functions
• Able to manage own time effectively and show judgement on prioritizing tasks, working on activities concurrently when required and demonstrate flexibility to changing requirements, often at short notice
• Attention to detail and a track record of delivering high quality reports of accurately presented data in a meaningful and appropriate way
• Competent in Microsoft Excel, PowerPoint and SharePoint

Foreign language skills required for filling the position:

• English – Intermediate written and oral competency

INCO: “Cushman & Wakefield”