Description
The Identity & Access Management (IAM) Analyst has responsibility for day-to-day IAM tasks as well as helping drive the design and implementation of various IAM requirements and processes. This position will be responsible for the management and oversight of user account provisioning, modification and terminations across all systems, certification reviews, and ensuring all policies and procedure documentation are current. This position will assist senior team members and management with the architecture and design of the IAM program.
Responsibilities and Duties
- Promote a mature security posture with regard to ensuring appropriate application and system access.
- Plan, schedule and conduct periodic access reviews while working closely with other teams.
- Seek out and assess potential security issues where applicable (for example: excessive privileges relative to job duty or separation of duties, orphan remediation, escalations as required).
- Identify, document and develop process improvements and streamline systems access requests during new hire, transfer and termination processes.
- Strive to automate the provisioning and de-provisioning processes.
- Provide ongoing guidance and leadership in the development and maintenance of user roles/responsibilities while implementing an RBAC (Role Based Access Control) model where possible.
- Support internal and external audits by gathering and/or coordinating deliverables for necessary evidence and review for completeness and accuracy.
- Fulfill user provisioning requests, while documenting appropriate evidence of approvals
- Generate and maintain documentation of procedures.
- Provide periodic status reports and metrics to management.
- Bulk manual termination/clean-up of 3rd party accounts/idle account review.
- Escalating issues requiring meetings with other support teams to resolve.
Requirements
- Bachelor’s Degree in Computer Science, Management Information Systems, or related field with 3-10 years’ experience.
- Ideal candidates will have five years’ experience in user provisioning and possess excellent communication skills.
- Some experience with SailPoint or similar Identity and Access Management tools would be beneficial but is not required.
- Certifications such as CISSP, GIAC, or CISM preferred
- Solid understanding of identity management, single sign-on, and security concepts
- LDAP-enabled directory integration
- Microsoft Active Directory integration
- PowerShell or other scripting language