Job Description:
• Be the primary contact for all IAM-related inquiries during security investigations, incidents, and potential breaches.
• Coordinate and orchestrate response activities across all IAM functions—including Identity Governance (IGA), Privileged Access Management (PAM), Authentication, and IAM Governance
• Assist the CFC in identifying and containing threats by completing or directing IAM-related actions, such as account suspension, privilege revocation, session termination, and enforcement of step-up authentication.
• Analyze threat intelligence and actor TTPs (Tactics, Techniques, and Procedures) to identify potential risks to the identity landscape.
• Develop and refine IAM-centric detection use cases and queries for security monitoring systems (e.g., SIEM, UEBA)
• Use insights to help inform IAM policies
• Provide subject matter expertise to inform the design and implementation of IAM controls across the enterprise.
• Help with the risk-based prioritization for First Line of Defense (LOD1) remediation efforts by providing context on active threats and vulnerabilities.
• Develop formal plans and standard operating procedures (SOPs) for IAM's role in the incident response lifecycle.
• Establish protocols and service level agreements (SLAs) between the IAM organization and the CFC.
• Conduct post-incident reviews and contribute IAM-specific findings to root cause analysis reports.
Requirements:
• 7+ years of progressive experience in Information Security with 5 years focused directly on Identity & Access Management.
• Deep, hands-on knowledge of core IAM domains (IGA, PAM, Authentication , and Authorization)
• Experience with common identity-based attack vectors, TTPs, and threat actors (e.g., credential theft, lateral movement, privilege escalation, MFA bypass techniques).
• Experience working with security operations, incident response, or threat intelligence teams.
• Familiarity with cloud identity platforms and security models (AWS IAM, Azure Active Directory, Google Cloud IAM).
• Professional security certifications such as CISSP, CISM, CISA, or GIAC certifications (e.g., GCFA, GCIH).
Benefits:
• Great compensation package and bonus plan
• Core benefits including medical, dental, vision, and matching 401K
• Flexible work environment, ability to work remotely, hybrid, or in-office
• Flexible time off including volunteer time off, vacation, sick, and 12-paid holidays
Apply Now
Apply Now