Lead Identity and Access Management (IAM) Analyst

Essential Job Duties 
  

• Lead user access recertification campaign oversight in collaborating with multiple application owners and stakeholders to ensure completeness and accuracy of all recertifications and produce documentation for auditors.
• Bi-weekly checks of joiners, movers and leavers (JML) population to ensure appropriate provisioning and deprovisioning occurs.
• Monthly reviews of domain administrator password check outs (Keepass, Safeguard.)
• Ensure role-based access control is aligned with access users have by maintaining RBAC database.
• Work with managers and application owners to ensure roles are accurate to actual access and appropriate.
• Review user access for improper entitlements such as toxic combinations across applications.
• Participate as a member of a distributed security and technology team responsible for prioritizing requirements and entitlements, as well as establishing and maintaining identities for business applications within IAM solutions. 
• Become a subject matter expert to create and maintain IAM business process and architectural requirements. 
• Validate identity controls and settings that align with policies and identity governance and administration (IGA) process. 
• Formulate business cases, evaluate product capabilities and ensure requirements can be met. 
• Influence IAM project timeframes, goals, strategic plans and budget constraints. 
• Research and review process to ensure operational efficiency for security team and employees. 
• Review integrations and assess their state related to business and security needs. 
• Understand associated businesses’ organizational and technical controls within global frameworks. 
• Regularly review and measure trends, threats and vulnerabilities with access to applications and data. 
• Work closely with business stakeholders to evaluate change impacting existing business cases. 
• Govern access models to verify alignment with organizational risk posture. 
• Support IAM governance, policies and solutions across SSO, directory, certificate, MFA, zero trust, privileged accounts and automation.
• Oversee access to on-premises, cloud infrastructure and applications for a distributed workforce. 
• Conduct business impact and risk exposure and make recommendations where security can improve. 
• Review internal, external and contractor accounts as part of periodic audits. 
• Participate in quality assurance of solutions and features to ensure optimal use and security IAM best practices. 
• Make recommendations to improve automation, security practices and end-user experience. 
• Frequently interact with business units to understand their plans, risk appetite and business obligations. 
• Facilitate opportunities to improve efficiencies automating and advancing IAM and IGA processes. 
• Support policies for access, data protection, security and compliance framework requirements. 
• Be aware of advanced technologies and use of AI/machine learning as businesses adopt to improve operational efficiency. 
• Perform other duties as assigned. 

Skills and Experience 

• Preferably 5-plus years’ experience in security administration, with 3-plus years’ technical hands-on IAM practitioner. 
• Administration and familiarity with directory services, Windows and Entra ID/Azure AD, SSO, MFA, zero trust, attribute-based access, and policy and role-based access. 
• Experience administering IAM systems and access controls aligning with security governance fundamentals. 
• Ideally familiar with one or more regulatory requirements and laws such as, but not limited to, PCI, FFIEC, SOX, and GLBA. Additionally, experience in one or more: CSF, ITIL. 
• Preferable experience with one or more scripting languages (Python, PowerShell and Bash). 
• Track record acting with integrity, taking pride in work, seeking to excel, being curious and flexible. 
• Strong written and oral communication skills across varying levels of the organization. 
• Excellent judgment and the ability to make quick decisions when working with complex situations. 
• High degree of integrity, trustworthiness and confidence; represents the company and its management team with the highest level of professionalism. 

Education Requirements 

• Bachelor’s degree preferred in cybersecurity, computer science, engineering or related field. 

Experience Requirements  

• 5-plus years of cybersecurity or IT practitioner experience. 

Certification Requirements 

• Preferable: CISSP, Microsoft Identity & Access Administrator Associate, GSEC, GISF, GISP, CIPP