Senior Cloud Identity Analyst
Description:
The Senior Cloud Identity Analyst will work in the Identity and Access Management (IAM) group and across several business and technology organizations. The Senior Cloud Identity Analyst will review, implement, and maintain identity artifacts with emphasis on risk reduction and mitigation through process improvement and automation. The Senior Cloud Identity Analyst will assist other IAM team members with complex access requests and revocations. The Senior Cloud Identity Analyst will review completed access requests and revocations for adherence to separation of duties, least privilege, and enterprise best practices. The Senior Cloud Identity Analyst has a strong and documented understanding of multiple identity and identity-supporting technology platforms.
Responsibilities:
- Lead the management and maintenance of identity and access management (IAM) systems, ensuring accurate and timely provisioning and de-provisioning of user accounts for both employees and contingent workers.
- Oversee the entire lifecycle management of identities, including onboarding, role changes, and offboarding processes, and manage identities and entitlements.
- Design & Architecture: Design secure and scalable IAM solutions (e.g., for SSO, MFA, RBAC, JIT provisioning). Define identity governance models and lifecycle management strategies. Evaluate and implement Zero Trust principles in IAM.
- Implementation & Integration: Deploy and configure IAM platforms (e.g., Okta, Azure AD, Ping, ForgeRock, SailPoint). Integrate applications with SSO/MFA using SAML, OAuth 2.0, OpenID Connect, LDAP.
- Access Management & Governance: Develop and enforce role-based access controls (RBAC) and least privilege access models. Implement access reviews, certifications, and policy enforcement (SOX, GDPR, HIPAA). Manage privileged access (PAM) platforms like CyberArk and BeyondTrust.
- Incident Resolution: Troubleshoot complex SSO and MFA authentication failures across federated systems. Analyze token issuance failures (SAML assertions, JWT, OIDC flows). Resolve sync issues between directories (e.g., Azure AD Connect, LDAP, AD).
- Advanced Configuration: Customize IAM workflows (e.g., onboarding, offboarding, approval chains). Create and manage custom connectors (for SaaS/IaaS integrations). Fine-tune identity policies (conditional access, passwordless login, etc.).
- Code/Script Development: Write scripts (Python, PowerShell, Bash) to automate identity tasks. Develop REST API integrations with HRMS, ERP, or custom apps. Contribute to IAM modules in CI/CD and DevSecOps pipelines.
- Conduct and oversee access recertification campaigns to maintain appropriate access levels across the organization.
- Provide expertise in IAM for cloud environments, ensuring secure and efficient identity management in cloud platforms.
- Stay current with industry trends and best practices in identity governance and administration.
Qualifications:
- Bachelor’s degree in Computer Science, Information Technology, or a related field.
- 5+ years of experience in identity governance and administration or a related domain.
- Expertise in identities and entitlements management, roles, and access recertification campaigns.
- Experience in design and architecture of scalable IAM solutions, implementation and integration to deploy and configure IAM platforms, incident resolution and troubleshooting, and advanced configuration to customize IAM workflows.
- Proficiency in scripting languages such as Python, PowerShell, or similar.
- Strong understanding of IAM principles and best practices, including cloud-based IAM solutions.
- Excellent problem-solving skills and attention to detail.
- Ability to work independently and lead a team.
- Strong communication and interpersonal skills.
Preferred Qualifications:
- Experience with IAM tools such as SailPoint, Okta, or similar.
- Knowledge of regulatory requirements related to identity management (e.g., GDPR, SOX).