Security Analyst - Access Management

Facebook is seeking an experienced InfoSec, Access Management Analyst to join the Information Security team. This Analyst will serve as a technical expert for requirements, design and implementation of access management systems and tools across Facebook's suite of products. The analyst will also assess and evaluate integrations to provide resolution of complex system problems and meet evolving business and security needs. This position will be responsible for understanding and supporting the design of Facebook's organizational, procedural, and technological security controls within the context of the global regulatory frameworks applicable to Facebook and its suite of affiliated businesses (Instagram, Oculus, WhatsApp, etc.). An ideal Security Analyst - Access Management is someone that has a solid understanding of the broad aspects of information security and can apply that knowledge to solve problems at scale. This role requires a broad mix of business and technical acumen coupled with polished communication and a strong desire to learn.

Qualifications:

5+ years of working experience in access management data analysis, and/or information security capacity Experience in information security concepts and applying them at scale Experience independently leading projects to completion Experience with working with leadership and engineers Experience working independently and collaboratively across various levels and teams Communication, presentation, and interpersonal experience Experience working across cross-functional teams Experience managing competing priorities and simultaneous projects Experience in SQL (Oracle, Vertica, Hive, MySQL, etc.), data visualization (Tableau or other), and Excel BA/BS in Computer Science or equivalent, Math, Statistics, Economics, Physics, or equivalent quantitative field Strong desire to learn and continuously develop and deepen technical skills Familiarity with scripting languages, SQL, PHP, python, and web development Certifications in one or more of the following areas: CISSP, CISA, CISM, GISO, GCIH, CIPP Strong track record of understanding and interest in current and emerging technologies demonstrated through training, job experience and/or industry activities Independent worker and motivated self-starter, thrives on ambiguity Change-oriented – proactively generates process improvements, supports and drives change, and confronts difficult circumstances in creative ways

Responsibilities:

Serve as the technical subject matter expert for access management Work with overall Access Management Lead, Information Security, and cross-functional partners to build, maintain, and execute on a roadmap considering short, medium, and long term access control and operational needs for tools Understand technical implementation details for implementing access management and security controls Guide the development of administrative and enforcement tools, access controls, alerts and anomaly detection, escalation workflows, and UX design Support the identification, implementation, and maintenance of automated technical security controls required by various technical regulatory compliance frameworks Work with cross-functional teams to assess business and access workflows, review internal and external tools for risk concerns, address permission gaps, and improve data quality Ensure successful transition of project deliverables to support/maintenance/operations teams Understand the security needs of internal and external stakeholders, regulators, and auditors Support the communication of policies, procedures, and processes to internal stakeholders regarding security and compliance best practices around applicable laws, regulations and controls Continuously assess and drive improvements of internal Facebook tools, technical capabilities, and business processes to improve technical enforcement of access management and enforcement principals by working with business and software engineering partners