Data Security Analyst II - Full-time / Part-time

Job Overview:

At Macy’s, we’re moving fast—we’re at top speed to become America’s premiere omni-channel retailer. Macy’s technology hub, Macy’s Technology (M*Tech) strives to set the pace by providing seamless and compelling shopping experiences for our Macy’s and Bloomingdale’s customers. Macy’s Technology is creating innovative technology solutions to support these experiences and define the future of retailing.
Macy’s Technology is seeking a Data Security Analyst who under general supervision, acts as liaison between FOBs, Internal Audit and Divisional SIF Administrators in the establishment and maintenance of profiles, application security access standards, and information security policies and procedures. Assists in access administration process and auditing. Recommending improvements to process flows to support audit activities and ensure integrity; and communicating with management on projects, initiatives and daily tasks. Performs other duties as assigned.

Essential Functions:

• Works with IGS, Enterprise Services, Client Server Design and Engineering, Database and P&T on establishing application security needs as they relate to access. Develops and maintains an Information Awareness program. Develops, maintains and implements an ongoing Security Audit program, where necessary using JCL to create reports and works with Internal Audit on all access related issues.
• Researches, designs and maintains job profiles for all platforms including DB2 security access where applicable and SIF models for CICS access.
• Responsible for problem resolution on security issues.
• Works with IGS and division security administrators to maintain clean access files (RACF, SIF, etc.).
• Document and maintains procedures for access control functions such as access provisioning/de-provisioning, reconciliation, and log reviews to ensure consistency.
• Develop and maintains business processes related to troubleshooting Security Access.
• Develops and maintains central repository of Security Desk Procedures.
• Manage and support RSA SecureID for remote access.
• Manage contractor access creation, extension and termination process and be able to troubleshoot issues in Oracle E-business and in-house access management applications.
• Manage Domain Registrations.
• Maintain and participate in Security Awareness activities.
• Follow company’s security access standards and procedures.
• Assist in devising centrally managed access & automation policies that eliminate labor intensive manual procedures required to provision, reconcile & manage access for both on premise and cloud systems.
• Responsible for the relationship to/for divisional security administration.
• Consistently demonstrates regular, dependable attendance & punctuality.

Qualifications:

Education/Experience:

• Bachelor’s degree and 2-4 years of experience preferred.
• 2 – 3 years’ of experience working with security on multiple platforms.
• Knowledge of RACF, VRA, and DB2 security, MVS, CICS, JCL, TRMS and TSO/ISPF or Roscoe.
• Strong Active Directory (Federation) knowledge.
• Security simulation tools in the area of security awareness.
• Successful and proven problem analysis/problem solving skills.
• Should have prior experience with information security frameworks (such as ISO27001 or NIST 800-53) and regulations (including PCI and SOX) and understand how they impact a complex environment.
• Demonstrated experience in requirements gathering, developing documentation and solutions and working with technical teams.

Communication Skills:

• Excellent written and verbal communication skills.
• Ability to read, write, and interpret business and technical documents.
• Strong interpersonal skills.
• Strong working relationships, one-on-one and as a team member along with strong customer service skills.

Reasoning Ability:

• Ability to think ahead and anticipate problems, issues and solutions and possess a client-focused attitude.
• Strong analysis/troubleshooting/debugging skills, strong partnering/relationship building skills.
• Self-motivated and willing to accept challenges.
• Must be able to work independently with minimal supervision.

Physical Demands:

• This position involves regular walking, standing, sitting, hearing, and talking.
• May occasionally involve stooping, kneeling, or crouching.
• May involve close vision, color vision, depth perception, and focus adjustment.
• Involves use of hands and fingers for typing on keyboard and using a mouse.
• May be a need to move or lift items under 10 pounds.

Other Skills:

• Strong problem management skills.
• Strong follow through and escalation abilities.
• Ability to form working partnerships with other areas.
• Willingness to take ownership and risks, and enthusiasm in the face of technical challenges.

Work Hours:

• Ability to work a flexible schedule based on department and company needs.

Company Profile:

Macy’s Inc. is one of the nation’s premier retailers. With fiscal 2016 sales of $25.778 billion and approximately 140,000 employees, the company operates more than 700 department stores under the nameplates Macy’s and Bloomingdale’s, and approximately 125 specialty stores that include Bloomingdale’s The Outlet, Bluemercury and Macy’s Backstage. Macy’s, Inc. operates stores in 45 states, the District of Columbia, Guam and Puerto Rico, as well as macys.com, bloomingdales.com and bluemercury.com. Bloomingdale’s stores in Dubai and Kuwait are operated by Al Tayer Group LLC under license agreements. Macy’s, Inc. has corporate offices in Cincinnati, Ohio and New York, New York.


This job description is not all inclusive. Macy’s Inc. reserves the right to amend this job description at any time. Macy's Inc. is an Equal Opportunity Employer, committed to a diverse and inclusive work environment.