IT SECURITY ANALYST III at Denver

Job Description

DCP Midstream, LLC, headquartered in Denver, Colorado, is a leader in the midstream segment of the energy industry as the No. 1 NGL producer, No. 1 natural gas gatherer and processor, and No. 3 NGL pipeline operator in the U.S., based on miles of pipeline operated. DCP Midstream is a 50-50 joint venture between Phillips 66 and Spectra Energy. DCP Midstream is the link in the energy chain ensuring society has clean energy to warm homes, manufacture goods, and produce consumer products. As the largest producer of natural gas liquids in the U.S., DCP Midstream is proud of the role its 3,200 employees perform in gathering and processing natural gas in 18 states. DCP Midstream is the largest oil and gas company and the largest private company in Denver, and is the Top Company Winner for Energy/Natural Resources in Colorado as recognized by ColoradoBiz. For more information, visit the DCP Midstream website at www.dcpmidstream.com. DCP Midstream, LLC is also the general partner and manages the operations of DCP Midstream Partners, LP, a midstream master limited partnership (MLP) which trades on the New York Stock Exchange (NYSE: DPM). (www.dcppartners.com) Serves as a member of the IT Security Operations team focusing on access reviews, user access and the execution of Security Operations processes and procedures in support of IT controls. Assists projects in determining requirements for various periodic access reviews. Works with developers and the business to design, test, and implement access reviews to meet IT control requirements.Provides oversight and backup support for the day to day processing of user access requests as necessary. Leads the development, testing, and implementation of modifications to the user access request application. Acts as liaison with 3rd party outsource providers that perform Security Operations functions. Produces evidence as required by internal and external audit. Provides backup support for security request processing. Monitors and oversees the remediation of daily failed logins and process id usage reports. Administers security for IT the applicationCMS.Initiates and oversees various periodic access reviews including QAAR, QDFR, QOSR, and QDBR. Oversees the development, testing, and implementation of access reviews to meet IT controls. Produces evidence as required by Internal and External audit.Assists projects in determining requirements for various periodic access reviews. Works closely with developers and Business to design, test and implement access reviews to meet IT control requirements.Oversees the creation and maintenance of Security Operations processes, procedures, and documentation.Participates in the vulnerability management processes and procedures. Works closely with IT to coordinate, plan, report & communicate a variety of vulnerability management functions. Recommends and develops new vulnerability management processes and procedures.Oversees id, group, and ownership management and various other Active Directory maintenance activities. Oversees the daily IDM and ITROM processes and procedures. Monitors and resolves IDM exceptions. Oversees the development, testing, and implementation of modifications to IDM and ITROM, works closely with 3rd party outsource providers who perform the actual codingExecutes encryption processes and procedures.Provides third level support for security related issues and ticket processing.Participates in the review and recommendation of changes to the DCPM Information Security Standards. Requires a strong understanding of the DCPM Information Security Standards. Participates in the identification and remediation of areas of non-compliance. Participates in the execution of the IT Security Standards exception processes and procedures.Oversees the development and maintenance of a variety of Security Operations metricsMinimum Qualifications: Bachelors degree in Information Technology or equivalent technical experience. 5+ years experience in Information Security or related field. Excellent understanding of and experience with security systems architecture, security tools and software, and the development and enforcement of information security controls and policies. Strong technical experience with working knowledge of security in multiple environments, such as Active Directory, Windows 2000, Windows 2003, Windows XP, and AIX. Excellent analysis and troubleshooting skills. Excellent interpersonal and organizational skills with the ability to communicate to technical and non-technical people across the enterprise and to translate technology into common terms and concepts.Desired Qualifications: Experience in outsourced IT environment with most areas of IT managed by a third party. Hold a professional certification related to information security such as CISSP, MCSA: Security, MCSE: Security and/or will work towards and obtain certification(s). Basic project management experience.

Job Requirements

 
Country: USA, State: Colorado, City: Denver, Company: DCP Midstream, LLC.