Logical Access Review Analyst

Roles & Responsibilities

• Extract user access lists directly from systems, or coordinate with application, system, database, or network support teams to acquire complete and up-to-date access data.
• Conduct quarterly or semi-annual reviews of user and privileged account access, depending on regulatory scope (e.g., PCI DSS-scope systems require quarterly review).
• Ensure review completeness by covering all in-scope systems, and timely completion according to the established schedule.
• Validate accuracy by cross-referencing access data with authoritative sources, such as updated employee master lists from HR.
• Check for access anomalies, including dormant accounts, excessive privileges, Segregation of Duties (SoD) conflicts, and accounts that should have been deactivated.
• Review custody and ownership of service accounts, ensuring each account has a valid, identifiable custodian.
• Notify users or account custodian...