Identity & Access Management Analyst

Position Title:

Identity & Access Management Analyst

FLSA Status:

Non-Exempt

Reports to:

IS Manager - Identity & Access Management

Summary of the Job:

The IAM analyst works closely with security and IT teammates to establish and manage a process of enterprise-wide identities and access controls granted to systems and applications. The analyst uses IAM tools and platforms to support and manage exception changes, ensuring they are clearly tracked, reported and reviewed according to established policies. Analysts in this role support senior management in maintaining a safe and secure enterprise technical operation. Daily, an IAM analyst verifies solutions are healthy, tightly managed and performing optimally to prevent unauthorized access. To be successful, candidates must have a good understanding of security principles and practical hands-on experience with host and application configurations, on- and off-premises solutions, directory services and identity governance administration principles.

Essential Functions:

• Serve on a distributed security and technology team responsible for documenting, establishing and maintaining identities and entitlements within IAM solutions.
• Implement identity controls and settings that align with policies and governance structure.
• Manage certification campaigns to ensure completeness and timeliness of completion.
• Work closely with HR, the lines of business and IT to develop and maintain Role Base Access templates.
• Work closely with security leadership, project management, and stakeholders to evaluate and implement access models that align with organizational risk posture.
• Support IAM governance, policies and solutions across SSO, MFA, privileged accounts, automation and behavior analytics systems.
• Assess and resolve IAM issues that occur across the employee base, as well as with external entities.
• Evaluate business impact and risk exposure based on the level of access granted and make recommendations where improvements should be made.
• Work closely with incident responders during potential incidents and escalate to management as needed.
• Document access, removals, exceptions, and maintain integrity for audit reviews.
• Review internal, external and contractor accounts as part of periodic audits.
• Make recommendations for improvements in automation efficiencies, security practices and end-user experience.
• Collect key performance indicators and related operational metrics, and track SLAs used to validate success as well as future areas of improvement.
• Execute tactical requests and support the strategic vision for rigorous and scalable IAM controls.
• Maintain understanding of business processes to aid in managing enterprise identity and access.
• Frequently interact with business units to understand their plans, risk posture and tolerance, and how IAM supports their vision and business obligations with security in mind.
• Assist with implementation of IAM projects from inception to completion to ensure they are on time and within budget.

Additional Functions:

• Perform routine duties with minimal supervision using standard practices or procedures.
• Comply with all safety policies, practices and procedures. Report all unsafe activities to supervisor and/or Human Resources.
• Participate in proactive team efforts to achieve departmental and company goals.
• Perform duties as assigned to reach team goals.
• Knowledge of financial institution policies, procedures and regulations preferred.

Required Education/Experience:

• Bachelor's degree in information systems, computer science, information security or related technical field or one to three years' related experience and/or training in cybersecurity or information technology; or equivalent combination of education and experience required.
• 2+ years of related security role administration with IAM/IGA solutions, and preferably some experience with provisioning, access reviews, and entitlements.
• Minimum of one active cybersecurity or identity management certification.

Preferred Skills:

• Preferably 3-5+ years' experience in security systems administration, with 2+ years' technical hands-on IAM practitioner experience.
• Familiarity with administering directory services, Windows and Azure AD, SSO, MFA and role-based access control (RBAC).
• Experience administering IAM systems, access controls, security and risk management, and security governance fundamentals.
• Familiar with one or more regulatory requirements, frameworks, and laws such as, but not limited to, PCI, DSS, Federal Financial Institutions Examination Council (FFIEC), Sarbanes-Oxley (SOX) NIST CSF, and GLBA.
• Preferable experience with one or more scripting languages (e.g., Python, PowerShell, Bash).
• Strong written and oral communication skills across varying levels of the organization.
• Understanding of service design, delivery concepts and control frameworks.
• Organized, with the ability to prioritize and complete tasks within defined SLAs.
• Excellent judgment and the ability to make quick decisions when working with complex situations.
• High degree of integrity, trustworthiness and confidence; represents the company and its management team with the highest level of professionalism.

Physical Activity/Dexterity:

• Manual dexterity sufficient to reach/handle items and work with fingers. Works with fingers and perceives attributes of objects and materials.

Physical Environment Demands:

• The person in this position needs to occasionally move about inside the office to visit other offices, conference rooms, office machinery, etc.
• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and telephone.
• Constantly positions self to operate on a computer.
• The person in this position frequently communicates with other people throughout each day. Must be able to exchange accurate information when conversing.

Working Conditions/Environment:

• Designated workspace at assigned facility conducive to a high productivity work environment.
• Moderate noise (e.g. business office with computers and printers, light traffic).

Work Schedule/Hours:

• Monday through Friday; 8:00 a.m. - 5:00 p.m.
• Available for overtime as needed to complete job task.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)