Profiles search
Joshua Lawson
Senior Information Security Analyst at Ally Financial
Charlotte, NC, United States
Details
Experience:
Provides provisioning services to over 40 Ally business applications assuring end users receive continual service improvement while working with AIMS team to ensure security policies are being enforced
Provides provisioning services administration which includes creation, maintenance and deletion of accounts, groups and resources according to security standards and LOB access profiles/requirements
Provides role management services for various lines of business (role mining, role creation, role maintenance, role retirement)
Provides daily operational support for resolving complex access requests, application bulk loads, remediation report reviews, quality assurance and ad-hoc reporting
Identifying, reporting, and working towards the mitigation of potential audit issues or data gaps
Coordinates modifications to the VPN gateway to support new applications
Training staff to provision various bank applications
Maintaining application and platform provisioning documentation
Provides advanced support for complex access requests across multiple platforms (e.g. Active Directory) databases (e.g. Oracle, SQL) and business applications
Supports adherence for financial services security policies and government regulations pertaining to information security
Provides customer training and assistance for Ally's security standards as it relates to the access request processes and maintenance of documentation and procedures
Provides security project management support as it relates to access requests and provisioning services
Provides backup support for the Ally Identity Reporting and access controls support team, working on Identity Reporting and Data Analysis
2014 : Present
Ally Financial Inc.
Senior Information Security Analyst (Team Lead)
Writing PowerShell AD and Exchange scripts for mass provisioning of access. Provisioning and maintenance RACF IDs, TSO IDs, various Exchange accounts (shared accounts, linked mailboxes for trusted domain users, mail lists, public folders, etc.), Oracle ac counts, RSA SecurID, AD, Novell and various proprietary applications. Removing system access from terminated users and working with auditors to resolve access audit issues. Meet ing with management to implement new on Resolving Websense web filtering issues. Working as the SME for multiple applicatioboarding and transfer procedures. ns and training users on the administration for these applications. Working with compliance and uppermanagement to identify potential security issues and provide solutions to rectify any discovered issues. Led team meetings on various departmental and sec urity issues related to projects, etc. Application design and testing for new IAM applications.
2010 : 2014
BlueCross BlueShield of SC
Identity and Access Management (IAM) Analyst
Granted local admin rights and remote desktop access to servers and desktops. Maintained share permissions and file permissions and made necessary changes when needed or requested. Used Top Secret and TSO at Fifth Third Bank to create and maintain accounts for employees and for vendors using our 5/3 Direct system. Created security r oles for the new company that is now known as Vantiv. Modifying user access to the Mainframe, AD, Exchange, and Citrix using the mainframe, ADUC, and Exchange Management Console. Diagnosed various access issues sent to me by the phone team.
2009 : 2010
Fifth Third Bank
Identity and Access Management (IAM) Analyst (project)
Provisioned and coordinated the access of, and provided on call technical support for approximately 150 applications (for thousands of users all the way up to the office of the CEO/Chairper son). Created accounts on SAP, IBM Mainframe, Active Directory, UNIX, Linux, and other platforms. Diagnosed access issues/errors within SAP (and SAP web portal), IBM Mainframe, Active Directory (Windows 2003 Administration Tools), LDAP, UNIX applications, etc. and ensured all security requests remained within SLA. Created mailboxes, maintained permissions to network resources, granted access to department shares, shared mailboxes, maintained Exchange aliases, granted access to SIP communications, granted ac cess to Citrix applications, and other functions specific to Active Directory. Created and maintained the termination process for all of Sara Lee North America to cleanup system access after users have left the company. Worked with auditors to ensure all s ecurity access granted was in accordance with SOX compliance.
Routinely met with the Director of End User Support regarding process improvements covering security, hardware requests, SOX compliance, etc. Wrote and updated documentation for security administration and hardware procurement teams.
2005 : 2009
Sara Lee Corporation
Identity and Access Management (IAM) Analyst
• Answered questions and addressed issues with credit card accounts
• Sold various products and services that fit the needs of the
consumer
• Helped to determine appropriate financial solutions for customers to best fit their needs
2004 : 2005
Citicards
Customer Service and Sales Representative
Provides provisioning services administration which includes creation, maintenance and deletion of accounts, groups and resources according to security standards and LOB access profiles/requirements
Provides role management services for various lines of business (role mining, role creation, role maintenance, role retirement)
Provides daily operational support for resolving complex access requests, application bulk loads, remediation report reviews, quality assurance and ad-hoc reporting
Identifying, reporting, and working towards the mitigation of potential audit issues or data gaps
Coordinates modifications to the VPN gateway to support new applications
Training staff to provision various bank applications
Maintaining application and platform provisioning documentation
Provides advanced support for complex access requests across multiple platforms (e.g. Active Directory) databases (e.g. Oracle, SQL) and business applications
Supports adherence for financial services security policies and government regulations pertaining to information security
Provides customer training and assistance for Ally's security standards as it relates to the access request processes and maintenance of documentation and procedures
Provides security project management support as it relates to access requests and provisioning services
Provides backup support for the Ally Identity Reporting and access controls support team, working on Identity Reporting and Data Analysis
2014 : Present
Ally Financial Inc.
Senior Information Security Analyst (Team Lead)
Writing PowerShell AD and Exchange scripts for mass provisioning of access. Provisioning and maintenance RACF IDs, TSO IDs, various Exchange accounts (shared accounts, linked mailboxes for trusted domain users, mail lists, public folders, etc.), Oracle ac counts, RSA SecurID, AD, Novell and various proprietary applications. Removing system access from terminated users and working with auditors to resolve access audit issues. Meet ing with management to implement new on Resolving Websense web filtering issues. Working as the SME for multiple applicatioboarding and transfer procedures. ns and training users on the administration for these applications. Working with compliance and uppermanagement to identify potential security issues and provide solutions to rectify any discovered issues. Led team meetings on various departmental and sec urity issues related to projects, etc. Application design and testing for new IAM applications.
2010 : 2014
BlueCross BlueShield of SC
Identity and Access Management (IAM) Analyst
Granted local admin rights and remote desktop access to servers and desktops. Maintained share permissions and file permissions and made necessary changes when needed or requested. Used Top Secret and TSO at Fifth Third Bank to create and maintain accounts for employees and for vendors using our 5/3 Direct system. Created security r oles for the new company that is now known as Vantiv. Modifying user access to the Mainframe, AD, Exchange, and Citrix using the mainframe, ADUC, and Exchange Management Console. Diagnosed various access issues sent to me by the phone team.
2009 : 2010
Fifth Third Bank
Identity and Access Management (IAM) Analyst (project)
Provisioned and coordinated the access of, and provided on call technical support for approximately 150 applications (for thousands of users all the way up to the office of the CEO/Chairper son). Created accounts on SAP, IBM Mainframe, Active Directory, UNIX, Linux, and other platforms. Diagnosed access issues/errors within SAP (and SAP web portal), IBM Mainframe, Active Directory (Windows 2003 Administration Tools), LDAP, UNIX applications, etc. and ensured all security requests remained within SLA. Created mailboxes, maintained permissions to network resources, granted access to department shares, shared mailboxes, maintained Exchange aliases, granted access to SIP communications, granted ac cess to Citrix applications, and other functions specific to Active Directory. Created and maintained the termination process for all of Sara Lee North America to cleanup system access after users have left the company. Worked with auditors to ensure all s ecurity access granted was in accordance with SOX compliance.
Routinely met with the Director of End User Support regarding process improvements covering security, hardware requests, SOX compliance, etc. Wrote and updated documentation for security administration and hardware procurement teams.
2005 : 2009
Sara Lee Corporation
Identity and Access Management (IAM) Analyst
• Answered questions and addressed issues with credit card accounts
• Sold various products and services that fit the needs of the
consumer
• Helped to determine appropriate financial solutions for customers to best fit their needs
2004 : 2005
Citicards
Customer Service and Sales Representative
Company:
Ally Financial Inc.
About
I am looking to master Identity and Access Management and then move into IAM management. I have almost nine years in IAM, making sure companies are compliant with regulations.
Specialties: Very diverse background in computer support. Eight years in Identity and Access Management and over eleven years in a support role. Support of desktop systems and servers running many platforms. RACF, Active Directory, SAP, iSeries, Exchange, and PowerShell, to list a few of the technologies with which I have experience. I have a current security clearance.
Profile Photo
