IT Security Administrator Intermediate

 As the liaison for internal and external auditors, this individual ensures compliance with SOX requirements, while testing and monitoring the controls environment to mitigate security risks. They also support the change management process, occasionally running meetings and ensuring effective documentation of changes and adherence to the processes.

Additionally, the Intermediate Access Services Analyst coordinates the company’s relationship with its Managed Service Provider (MSP), collaborating with IT, HR, and Compliance teams to align access policies with business needs. They continuously evaluate and enhance access management policies, procedures, and automation opportunities, strengthening the company’s security posture.

 

Essential Duties

• Monitors and enhances IT security control policies, ensure compliance and provides audit validation through process demonstration and documentation.  (~15%)
• System administration and support for Oracle, including Fusion, HCM, Supply Chain, and Pre/Post Refresh (~40%) 
• Performs user privilege administration that involves managing Company user accounts and permissions at the domain and application levels, including account creation/removal, group memberships, shared folder access, specialized system access, including ERPs, Oracle Cloud, and other corporate-related systems.  (~30%)
• Leads change control meetings facilitating Request for Change (RFC) processing, obtaining approvals, change notice distribution, and scheduling.  Deploy approved changes from Development environments to Production systems.  (~15%)

 

Non-Essential Duties:  Performs other duties as assigned.

Skills and Abilities: 

• Ability to handle confidential sensitive data or issues.
• Ability to review security requests for accuracy and completeness.
• Ability to perform user privilege administration at the domain and application level. 
• Ability to process user creation and termination requests.
• Ability to enhance and implement policies and procedures consistent with control guidelines and requirements.
• Ability to identify risk, assess impact, and make adjustments per control requirements.
• Ability to create and maintain accurate and auditable documentation to fulfill audit requirements.
• Ability to facilitate Request for Change (RFC) processing, approvals, distribution and scheduling.
• Ability to produce reports/analyses and facilitate Change Control Review (CCR) meetings.
• Ability to train and mentor personnel on IT security protocols.
• Ability to pay close attention to details with good planning, time management, and organization skills.
• Ability to multi-task and work effectively with interruptions.
• Ability to work with all levels including C-level executives.

 

Knowledge:

• In-depth knowledge and proficiency in Microsoft Active Directory access provisioning including user accounts, group membership, shared folders, etc.
• In-depth knowledge and proficiency in application access provision including Oracle Cloud and other enterprise and ancillary packages.
• In-depth knowledge and proficiency in editing and enforcing policies and procedures related to IT security controls, and the related testing and data capture required to fulfil audit requirements.
• In-depth knowledge and proficiency in end-to-end Change Control processes and governance.
• Knowledge of server architecture and roles, communications, security management, electronic messaging services, and remote access services.
• Knowledge of server-based technologies to include Windows Server (all versions), VMware, Exchange Online, Teams, and other server and cloud-based applications.
• Knowledge and proficiency in Microsoft Word, Excel, PowerPoint, and Visio.
• Current on industry security trends and emerging technologies.

 

Minimum Education and Certification:

• Bachelor’s degree or equivalent experience in MIS, IT, or other related discipline. 

 

Minimum Experience:

4+ years of experience in the following:

• Microsoft Active Directory user provisioning and access control.
• Oracle Cloud user provisioning, roles, data security context (DSC), and access control.
• Process and procedure development related to IT security controls.
• Data capture and tracking to meet audit compliance (Access control, system security, employee hire/term, etc.).
• Leading end to end Change Control processing and control meetings.
• Service management and ticketing tracking systems.
• Microsoft Office suite including Word, Excel, PowerPoint, and Visio.
• IT Security principles

 

Physical Demands: 

• Regularly required to sit, use hands to finger, handle or feel; reach with hands and arms; and talk or hear.
• Occasionally required to stand, walk, and stoop.
• Vision abilities include close vision, distance vision, color vision, and the ability to adjust focus.

 

Problem Solving and Innovation:

• Works with business partners and SMEs to ensure security requests fit into the overall corporate IT direction and current systems.  
• Assimilates and evaluates data from multiple sources determining the optimum solution based on requirements.
• Deals with technical issues through own experience or research.
• Works with little or no supervision.

 

Impact:

Critical component of securing company IT systems.

This job description is a summary of essential job functions.  It is not intended as an employment contract, nor is it intended to describe all duties someone in this position may perform.  All employees are expected to perform tasks, as assigned by supervisor, regardless of job title or routine job duties.

.

Archrock is a premier provider of natural gas compression services to customers in the energy industry throughout the U.S. and a leading supplier of aftermarket services to customers who own compression equipment. With approximately 1,000 employees, our unmatched expertise and team of highly qualified, certified technicians are backed by more than 70 years of industry experience.
Archrock is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.