Sr. Operations Analyst - IAM L3

Requirements

Key Responsibilities:

Identity Access Management Operations:

• Manage and support IAM platforms, including provisioning, authentication, authorization, and lifecycle management.
  
• Oversee user access provisioning, provisioning, and role -based access control (RBAC) for enterprise systems.
  
• Maintain and optimize Single Sign -On (SSO) and Multi -Factor Authentication (MFA) solutions.
  
• Act as the final escalation point for complex IAM issues, troubleshooting access failures and resolving conflicts.
  
• Ensure timely implementation of access requests and user role assignments in accordance with organizational policies.
  

Cybersecurity and Compliance:

• Ensure IAM systems align with cybersecurity best practices, including Zero Trust principles and least privilege models.
  
• Perform regular audits and reviews of user access and roles to identify and remediate potential risks or violations.
  
• Support compliance efforts with frameworks like GDPR, ISO 27001, NIST, and PCI DSS by implementing appropriate IAM controls.
  
• Monitor IAM systems for security incidents, unauthorized access attempts, and anomalies.
  
• Develop and enforce policies for password management, account lockouts, and privileged access.
  

IAM System Development and Optimization:

• Collaborate with development teams to integrate IAM solutions into applications and infrastructure, both on -premises and cloud -based.
  
• Design and implement automation workflows for provisioning and deprovisioning using tools like SailPoint, Okta, or Azure AD.
  
• Regularly update IAM platforms to address vulnerabilities, improve performance, and introduce new features.
  
• Test and deploy upgrades to IAM systems while minimizing disruptions to user access.
  

Incident Response and Escalations:

• Lead investigations into IAM -related security incidents, performing root -cause analysis and implementing preventative measures.
  
• Coordinate with L1 and L2 teams for streamlined issue resolution and knowledge sharing.
  
• Create and maintain incident response playbooks for IAM -specific scenarios.
  

Documentation and Training:

• Maintain up -to -date documentation of IAM configurations, workflows, and policies.
  
• Provide training and mentoring to junior analysts and other IT staff on IAM best practices.
  

Required Skills and Qualifications:

Technical Skills:

• Expertise with IAM tools and platforms (e.g., Okta, SailPoint, Microsoft Azure AD, Ping Identity, ForgeRock).
  
• Advanced knowledge of authentication protocols such as SAML, OAuth, OpenID Connect, and LDAP.
  
• Experience with Privileged Access Management (PAM) tools like CyberArk or BeyondTrust.
  
• Proficiency in scripting languages (e.g., Python, PowerShell) for automating IAM processes.
  
• Understanding of Zero Trust principles, RBAC, and Just -In -Time (JIT) access models.
  

Experience:

• 5+ years of experience in IAM or cybersecurity roles, with at least 2 years in an L3 or senior capacity.
  
• Proven experience with IAM integrations in hybrid or multi -cloud environments (AWS, Azure, GCP).
  
• Familiarity with endpoint security and enterprise directory services (e.g., Active Directory, LDAP).
  

Soft Skills:

• Strong problem -solving skills with the ability to resolve complex IAM issues.
  
• Effective communication and collaboration skills for working across technical and business teams.
  
• Attention to detail and a proactive approach to risk identification and resolution.
  

Preferred Qualifications:

• Certifications: CISSP, Certified Identity and Access Manager (CIAM), Azure Security Engineer Associate, or Okta Certified Consultant.
  
• Experience in implementing passwordless authentication solutions.
  
• Knowledge of DevSecOps and integration of IAM solutions into CI/CD pipelines.