CITGO Petroleum Corporation

Apply for this job

Application Identity and Access Security Analyst (Finance)



CITGO PETROLEUM CORPORATION

CITGO Petroleum Corporation is a recognized leader in the refining industry and operates under the well-known CITGO brand. CITGO owns and operates three refineries located in Lake Charles, LA.; Lemont, IL.; and Corpus Christi, TX, and wholly and/or jointly owns 38 active terminals, six pipelines and three lubricants blending and packaging plants. With approximately 3,300 employees and a combined crude capacity of approximately 807,000 barrels-per-day (bpd), positions CITGO as one of the best-branded supplier companies in the industry.

At CITGO our people are our most important resource. Our core values are Safety, Integrity, Respect, Accountability, and Care.

Job Summary

The Application Identity and Access Security Analyst will ensure that authorized users have the right access to company systems, data, and applications.

  • Manage user access to systems, applications, and data. Maintaining the concept of least privilege.
  • Direct testing, piloting, documenting, monitoring and implementation planning for new SailPoint/IAM services and environments.
  • The analyst will be the technical authority and subject matter expert in designing, implementing, and managing identities across all platforms. Windows, Aix, 3rd party applications.
  • Develop and maintain technical documentation, policies, and procedures for AD, M365 systems, SailPoint etc.
  • Monitor compliance with policies, regulations, and customer requirements.
  • Assist the Manager of Identity in developing the enterprise IAM/PAM strategy.
  • Manage and implement privilege access roles and responsibilities for users and service accounts across the domain. Preference with Secret Server.

Minimum Qualifications

  • Bachelor's degree or better in computer science or a related field and 3 years of job-related experience OR equivalent experience in lieu of degree.
  • Professional certification such as Certified Identity and Access Manager (CIAM), Certified Identity Management Professional (CIMP) or Certified Information Systems Security Professional (CISSP) is preferred.
  • 1-3 years of experience in Azure/AD IAM or a related field.
  • Strong technical skills, including experience with identity and access management solutions.
  • Familiarity with best practices and compliance standards.
  • Strong project management skills
  • Knowledge of dynamic and high-level languages such as PowerShell or Python.
  • Experience with SQL databases and SailPoint preferred.
  • 1-3 years Azure Cloud security experience including MS PIM, Subscription, Management group, resource group and conditional access experience.

Job Duties

The Identity Analyst will be responsible for ensuring the security and integrity of CITGO's information systems which involves managing user access, defining and enforcing access policies, and monitoring compliance with security standards.

Responsible for ensuring that relevant Privileged Access Management (PAM) Controls are adequately enforced across platforms and applications to comply with IAM Standards.

Provide support for access-related issues, working closely with IT support and helpdesk teams.

Manage user identity lifecycle including onboarding, offboarding, and account updates.

Administer user accounts, permissions, and access controls.

Handle escalated customer inquiries and support tickets.

Develop and automate processes accordingly

Resolve day-to-day SailPoint/IAM application environment technical issues, including troubleshooting of auxiliary components such as SQL server, SAP or third-party sources.

Investigate and resolve access-related incidents, anomalies, or security breaches.

Assist in Incident Response. Manage, monitor, and resolve critical outstanding information security risk exposures

Job Duties II

Keep up to date with the latest industry developments and trends.

Assist in Information Security risk assessments

Develop and maintain training materials related to identity and access management

Monitor compliance with internal policies and external regulations.

Monitor activity logs to identify security incidents

Job duties displayed above are not all-inclusive, site-specific responsibilities may be assigned.

Here are the incentives we offer:

• Remote Work options available for eligible positions
• Options are department and/or location specific
• 9/80 Work Schedule Option (where applicable)
• Annual Vacation Incentive (40-120 hours of additional pay) for Eligible Employees
• Paid Vacation Time
• Company-Paid Holidays
• Caregiver Leave
• Excellent 401(k) Match
• Pension Plan
• Company-Paid Sick Leave and Long-Term Disability
• Medical, Dental, & Vision Plans; FSA and HSA options
• Company-Paid Life Insurance for Active Employees
• Healthy Rewards Program
• Service Awards Program
• Educational Assistance Plan
• Dependent Children Scholarships
• Reimbursement for Gym Membership
• Employee Discount Programs
• On-site Health Clinic (select locations)
• On-site Cafeteria (select locations)
• On-site Credit Union and ATM (Corporate office only)
• On-site Fitness Center (select locations)

PLEASE NOTE ALL JOBS DO NOT QUALIFY FOR ALL PERKS

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.

Requisition ID - 1148 Apply

Apply Here done