Requirements

Key Responsibilities:

Identity Access Management Operations:

• 
  Manage and support IAM platforms, including provisioning, authentication, authorization, and lifecycle management.
• 
  Oversee user access provisioning, provisioning, and role-based access control (RBAC) for enterprise systems.
• 
  Maintain and optimize Single Sign-On (SSO) and Multi-Factor Authentication (MFA) solutions.
• 
  Act as the final escalation point for complex IAM issues, troubleshooting access failures and resolving conflicts.
• 
  Ensure timely implementation of access requests and user role assignments in accordance with organizational policies.

Cybersecurity and Compliance:

• 
  Ensure IAM systems align with cybersecurity best practices, including Zero Trust principles and least privilege models.
• 
  Perform regular audits and reviews of user access and roles to identify and remediate potential risks or violations.
• 
  Support compliance efforts with frameworks like GDPR, ISO 27001, NIST, and PCI DSS by implementing appropriate IAM controls.
• 
  Monitor IAM systems for security incidents, unauthorized access attempts, and anomalies.
• 
  Develop and enforce policies for password management, account lockouts, and privileged access.

IAM System Development and Optimization:

• 
  Collaborate with development teams to integrate IAM solutions into applications and infrastructure, both on-premises and cloud-based.
• 
  Design and implement automation workflows for provisioning and deprovisioning using tools like SailPoint, Okta, or Azure AD.
• 
  Regularly update IAM platforms to address vulnerabilities, improve performance, and introduce new features.
• 
  Test and deploy upgrades to IAM systems while minimizing disruptions to user access.

Incident Response and Escalations:

• 
  Lead investigations into IAM-related security incidents, performing root-cause analysis and implementing preventative measures.
• 
  Coordinate with L1 and L2 teams for streamlined issue resolution and knowledge sharing.
• 
  Create and maintain incident response playbooks for IAM-specific scenarios.

Documentation and Training:

• 
  Maintain up-to-date documentation of IAM configurations, workflows, and policies.
• 
  Provide training and mentoring to junior analysts and other IT staff on IAM best practices.

Required Skills and Qualifications:

Technical Skills:

• 
  Expertise with IAM tools and platforms (e.g., Okta, SailPoint, Microsoft Azure AD, Ping Identity, ForgeRock).
• 
  Advanced knowledge of authentication protocols such as SAML, OAuth, OpenID Connect, and LDAP.
• 
  Experience with Privileged Access Management (PAM) tools like CyberArk or BeyondTrust.
• 
  Proficiency in scripting languages (e.g., Python, PowerShell) for automating IAM processes.
• 
  Understanding of Zero Trust principles, RBAC, and Just-In-Time (JIT) access models.

Experience:

• 
  5+ years of experience in IAM or cybersecurity roles, with at least 2 years in an L3 or senior capacity.
• 
  Proven experience with IAM integrations in hybrid or multi-cloud environments (AWS, Azure, GCP).
• 
  Familiarity with endpoint security and enterprise directory services (e.g., Active Directory, LDAP).

Soft Skills:

• 
  Strong problem-solving skills with the ability to resolve complex IAM issues.
• 
  Effective communication and collaboration skills for working across technical and business teams.
• 
  Attention to detail and a proactive approach to risk identification and resolution.

Preferred Qualifications:

• 
  Certifications:
  CISSP
  ,
  Certified Identity and Access Manager (CIAM)
  ,
  Azure Security Engineer Associate
  , or
  Okta Certified Consultant
  .
• 
  Experience in implementing passwordless authentication solutions.
• 
  Knowledge of DevSecOps and integration of IAM solutions into CI/CD pipelines.