Identity and Access Management Analyst
United States
Full Time
6 days ago
$70,000 - $85,000 USD
H1B Sponsor
Key skills
AzureLinuxUnixIAMOAuthSAMLActive DirectoryIdentity ManagementSSOProject ManagementRisk ManagementCommunication
About this role
Role Overview
- Develop, deploy, and maintain role-based logical access processes
- Guide all components of the enterprise approach to critical security functions such as: identity and access management (IAM), privileged identity management, and access controls
- Develop, implement and maintain logical access roles within the SailPoint IdentityNow platform to ensure access is provisioned/deprovisioned at the appropriate times to ensure compliance with corporate policies
- Manage the oversight and maturation of efficiencies in the security functions ensuring adherence to company policy and standards
- Provide governance within the information risk office team and others with regard to the access management and privileged identity management arenas
- Develop, foster, and mature process efficiencies with the goal of reducing time and effort to perform
- Maintain security policies including updates to reflect changing practices and business needs
- Monitor compliance with policies
- Monitor and audit user permissions within applications
- Assist with all user audit activity and fulfillment of internal and external audit requests
- Establish processes to monitor and analyze user and privilege identity access and maintain separation of duties (SoD)
- Develop and maintain process and control documentation supporting IAM services
- Develop training materials related to IAM processes and technologies
- Consult with key business stakeholders to evaluate functional requirements and translate those requirements into information security solutions
- Provide guidance to business partners about applicability of information security to meet business needs
- Support the documentation and accreditation processes necessary to ensure that new IT systems meet the organization's information security requirements
- Respond to crisis or urgent situations to mitigate immediate and potential threats
- Investigate and analyze all relevant response activities
- Represent Information Risk Office in cross-functional meetings and projects
- Develop, foster, and mature process efficiencies with the goal of reducing time and effort to perform
- Participate in the execution of enterprise-wide information security program
Requirements
- High school diploma or GED required
- Bachelor’s degree preferred
- Five (5) years of IT experience encompassing project management, information security, risk management and/or programming required
- Working experience in one or more areas of information security required including: identity and access management, role-based access control (RBAC) methodologies, privileged identity/access management, access reviews, IT audit, segregation of duties and federation protocols (OAuth, SAML, OpenID), or Single Sign On (SSO) models
- Industry recognized certification within the domain of information security, information technology and privacy (e.g., CISSP, GIAC, CISM, ITIL, CIPP/US, etc.) preferred
- Experience with SailPoint IdentityNow or equivalent identity and access management software solutions preferred
- Knowledge of or experience in Microsoft Office tools, Active Directory, AS400, Linux/Unix, API, CyberArk, and Azure Dev Ops
- Experience making independent risk-based decisions for planning and incident management, with consideration for business and operational goals and constraints
- Excellent planning and problem-solving skills; must have high attention to detail and quality of work deliverables
- Strong organization skills with the ability to handle multiple priorities
- Excellent oral and written communication skills, as well as the ability to convey security, technical and privacy related issues to business audience
- Ability to work with a team as well as diverse workgroups on prevention, identification, and resolution of privacy and security problems
- Knowledge of information security fundamentals, information security policies and procedures, industry best practices as well as various governance standards and healthcare law (HITRUST, NIST, ITIL, HIPAA, HITECH, etc.)
- Proven examples of displaying the IH values: Passionate, Caring, Respectful, Trustworthy, Collaborative and Accountable.
Tech Stack
- Azure
- Linux
- Unix
Benefits
- full range of benefits
- generous paid time off
- scorecard incentive