Eversource Energy IT Security & Compliance Internship/Co-op in Berlin, Connecticut
Job Description Summary:
Please find below, three specific areas of work that would be assigned to our intern candidate. The three specific areas of work are estimated at 2-3 hours/day each, 5 days/week. Our candidate of selection would work within the IT Compliance team for which both of these below listed work functions report.
Privileged Access Management System - to capture, analyze and facilitate the identification, and associated access requirements for privileged access ids for both corporate and CIP specific use.
IAM Support (Identity Access Management Tool) – IAM Products fall within the IT Security area, automate access provisioning work flows, identify and inventory access entitlements to specific users and build automation and accuracy for risk mitigation efforts. Eversource implemented an IAM Solution, Sailpoint IIQ, over a year ago, and continues to build out additional required workflows to support requirements from regulatory and federal agencies and for work automation efforts. Daily checks and analysis continue to be required in order to build out solutions within the application’s ability. The following tasks would be included as a subset of our selected candidate’s day, which would allow for the support team to complete large effort enhancements to be completed by year end.
Identity Correlation Maintenance – Where Ids need to be recognized as duplicates (based on many variables as to being duplicated) and correct. Flagging of Service Accounts – Identification of a non-unique id – system id known also as a shared id NOT named to one individual. Managed as a separate process. Removal of Pending Requests - In some instances, where many triggers exist within the solution, requests may get held up due to incompleteness, timing for job runs, etc. – need to be attended to for corrective processing. Daily Review of Task Failures – Similar to pending requests, where tasks fail, they require analysis, identification of issue, documentation and corrective actions. Weekly CIP Access Report Review (for IIQ issues) – Given strict CIP requirements – these requests have specific additional manual steps which may be required on a daily/weekly review basis. Weekly Termination Report Review (for IIQ issues) – same as the above CIP Report Review requirements. Sarbanes Oxley – Segregation of Duty Conflict Process tracking - to work through the current backlog of a new process that has been automated – Once automation was built, backlog was created from initial automation effort and required analysis and review for resolution.
IT Compliance for SOX Audit Preparation – A new GRC (Governance, Risk and Compliance) automated solution is currently being implemented which is moving compliance management to an automated workflow solution removing the reliance on spreadsheets, email, and network drives. The preparation of the workflows required for input, and the communications to the users of the new processes that are being automated, would be assigned to our intern candidate. The Sarbanes-Oxley Audit cycle for 2018 will begin in late May. The tasks associated with this piece of work include the following:
Learning the workflow process within the solution to help assist the users with processing transactions and responding to actions on a timely manner in support of the time sensitive audit cycle directed by our external auditing firm. Reviewing actions taken on required tasks for the audit and identify gaps in task/action completeness, provide suggested dashboard views for users. Perform metric reviews for all open actions/transactions for timeliness in response for audit deliverables on time. Document Procedures for Control Creation, Process Ownership and association of applications and toolsets to controls.
Please attach a resume when completing your application on line.
Primary Recruiter - Contractor
Number of Openings:
Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status.
VEVRRA Federal Contractor