POSITION DESCRIPTION TITLE: FLSA STATUS: ERP Security Analyst Exempt CATEGORY: GRADE: Professional F (TS) JOB SUMMARY: Under the guidance of the Chief Information Security Officer (CISO) serves as technical expert for the entire life-cycle pertaining to identity management for the Enterprise Resource Planning-Banner (ERP) environment. Monitor and maintain application security and identity access management on production and test instances to protect the sensitive data in the College’s ERP system. ESSENTIAL FUNCTIONS: YEARLY PERCENT OF TIME 30% 1. Establish, analyze, and document the maintenance and identification of new and existing security roles in accordance with College policies and procedures as it pertains to the ERP security environment. Establish, analyze, and document account provisioning for end users and applications. Manage and oversee the process for security profile additions and revisions to include access change management controls, departmental involvement, and related documentation. 2. Identify, analyze and troubleshoot complex ERP security related access, production issues or problem tickets to include documentation. Assist in analyzing new patches and upgrades. Recommend streamlining and automating security ERP policies and procedures and guidelines. 20% 3. Design and conduct ERP application security audits on a regular basis, to ensure compliance with College policies, procedures, and measurable standards as well as local, state, federal laws and regulations. 15% 4. Review, recommend and apply VP/CIO and/or CISO administrative changes to security strategies as part of the organizational security program to leverage existing ERP general controls, security best practices, and monitoring & reporting. 10% 5. Facilitate and promote activities that foster IT security and compliance awareness within the College. Work one on one with supervisors in understanding security roles/permissions and department security setup which may lead to developing new security processes for department. 10% 6. Maintain awareness of new regulations and current best practices; participate in educational opportunities, read professional publications, maintain professional networks and participates in professional organizations and conferences. Represent CISO in his/her absence. 10% 7. Perform other duties as assigned. 5% Revised: 7/27/15 Effective: 10/12/11 Page 1 of 5 REPORTING RELATIONSHIP: Chief Information Security Officer. SUPERVISORY RESPONSIBILITIES: Direct supervision of assigned staff. ESSENTIAL QUALIFICATIONS: EDUCATION: Bachelor’s Degree in Information Technology or Security related field. EXPERIENCE: Two (2) years related experience. SPECIAL SKILLS AND ABILITIES: 1. Skills/Abilities: Knowledge and experience of information protection principles such as Identity management, authentication, authorization, encryption, vulnerability assessment and remediation, firewall concepts, audit trails/logs and best practices for administering data comingling; Knowledge of El Paso Community College information protection policies and standards, including records retention, privacy, and protection of intellectual property; Knowledge of risk management techniques and application; Ability to work as part of a skilled team to provide system support and analysis and be able to interpret and apply direction given by VP/CIO and/or CISO; Experience with data warehouse, data mart, document management and imaging, and related technologies/systems and the business processes they support; Awareness of physical safeguards and contract language protection for intellectual property; Ability to communicate effectively both verbally and in writing with a wide variety of external professionals and in-house staff from diverse socio-economic backgrounds; Demonstrated strong presentation and report writing skills in a fast paced and demanding environment; Demonstrated ability to work independently on projects and produce required results in a timely fashion; Ability to work in a diverse environment and be sensitive to issues of diversity and inclusion. 2. Equipment Used: Personal Computer and other equipment associated with an office environment. 3. Software Used: A variety of spreadsheet, word-processing, database, e-mail, and presentation software. PHYSICAL REQUIREMENTS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to sit. The employee is frequently required to use hands to handle or feel and talk or hear. The employee is occasionally required to stand; walk; reach with hands and arms; climb or balance and stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 10, 25 and 50 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus. Revised: 7/27/15 Effective: 10/12/11 Page 2 of 5 INTERPERSONAL SKILLS: Alternative or combined skills in understanding, negotiating, selecting, developing, and motivating people are important to the highest degree due to constant interaction with other people, at any level within the organization or the community, position’s accountability for the development, motivation, assessment, and reward of employees, and to deal with irrational situations where the outcome is unpredictable. WORKING CONDITIONS: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually moderate. Revised: 7/27/15 Effective: 10/12/11 Page 3 of 5 POSITION TITLE: ERP Security Analyst PHYSICAL REQUIREMENTS & WORKING CONDITIONS: The physical demands and work environment factors described below are representative of those that must be met by an employee to successfully perform the essential functions of this job. PHYSICAL ACTIVITIES: None Stand Walk Sit Use hands to finger, handle or feel Reach with hands and arms Climb or balance Stoop, kneel, crouch, or crawl Talk Hear Taste Smell WEIGHT and FORCE DEMANDS: Up to 10 pounds Up to 25 pounds Up to 50 pounds Up to 100 pounds More than 100 pounds WORK ENVIRONMENT: Wet or humid conditions(non-weather) Work near moving mechanical parts Work in high, precarious places Fumes or airborne particles Toxic or caustic chemicals Outdoor weather conditions Extreme cold(non-weather) Extreme hot (non-weather) Risk of electrical shock Work with explosives Risk of radiation Vibration Over 2/3 X X X X X X X X X None Amount of Time Under 1/3 1/3 to 2/3 X X X Over 2/3 X X None X X X X X X X X X X X X VISION DEMANDS: No special vision requirements Close vision (clear vision at 20 inches or less) Distance vision (Clear vision at 20 feet or more) Color vision (ability to identify and distinguish colors) Peripheral vision Depth perception Ability to adjust focus Revised: 7/27/15 Effective: 10/12/11 Amount of Time Under 1/3 1/3 to 2/3 X X Amount of Time Under 1/3 1/3 to 2/3 Over 2/3 Required X X X X X X Page 4 of 5 NOISE LEVEL: Very quiet Quiet Moderate Loud Very Loud Exposure Level X The intent of this job description is to provide a representative and level of the types of duties and responsibilities that will be required of positions given this title and shall not be construed as a declaration of the total of the specific duties and responsibilities of any particular position. Employee may be directed to perform job-related tasks other than those specifically present in this description. I certify that I have received a copy of this job description. I have read and understand the duties and responsibilities of this position. X Employee Signature Revised: 7/27/15 Effective: 10/12/11 Date Page 5 of 5