Sr. Operations Analyst - IAM L3

We are seeking a highly experienced L3 Sr. Operations Analyst specializing in Identity and Access Management (IAM) and Cybersecurity. The role focuses on advanced troubleshooting, configuration, and management of IAM systems, ensuring secure and seamless access across enterprise applications, systems, and cloud environments. This position also involves handling escalated incidents, implementing security controls, and driving continuous improvement in IAM processes.

Requirements

Key Responsibilities:

Identity Access Management Operations:

• Manage and support IAM platforms, including provisioning, authentication, authorization, and lifecycle management.
  
• Oversee user access provisioning, provisioning, and role-based access control (RBAC) for enterprise systems.
  
• Maintain and optimize Single Sign-On (SSO) and Multi-Factor Authentication (MFA) solutions.
  
• Act as the final escalation point for complex IAM issues, troubleshooting access failures and resolving conflicts.
  
• Ensure timely implementation of access requests and user role assignments in accordance with organizational policies.
  

Cybersecurity and Compliance:

• Ensure IAM systems align with cybersecurity best practices, including Zero Trust principles and least privilege models.
  
• Perform regular audits and reviews of user access and roles to identify and remediate potential risks or violations.
  
• Support compliance efforts with frameworks like GDPR, ISO 27001, NIST, and PCI DSS by implementing appropriate IAM controls.
  
• Monitor IAM systems for security incidents, unauthorized access attempts, and anomalies.
  
• Develop and enforce policies for password management, account lockouts, and privileged access.
  

IAM System Development and Optimization:

• Collaborate with development teams to integrate IAM solutions into applications and infrastructure, both on-premises and cloud-based.
  
• Design and implement automation workflows for provisioning and deprovisioning using tools like SailPoint, Okta, or Azure AD.
  
• Regularly update IAM platforms to address vulnerabilities, improve performance, and introduce new features.
  
• Test and deploy upgrades to IAM systems while minimizing disruptions to user access.
  

Incident Response and Escalations:

• Lead investigations into IAM-related security incidents, performing root-cause analysis and implementing preventative measures.
  
• Coordinate with L1 and L2 teams for streamlined issue resolution and knowledge sharing.
  
• Create and maintain incident response playbooks for IAM-specific scenarios.
  

Documentation and Training:

• Maintain up-to-date documentation of IAM configurations, workflows, and policies.
  
• Provide training and mentoring to junior analysts and other IT staff on IAM best practices.
  

Required Skills and Qualifications:

Technical Skills:

• Expertise with IAM tools and platforms (e.g., Okta, SailPoint, Microsoft Azure AD, Ping Identity, ForgeRock).
  
• Advanced knowledge of authentication protocols such as SAML, OAuth, OpenID Connect, and LDAP.
  
• Experience with Privileged Access Management (PAM) tools like CyberArk or BeyondTrust.
  
• Proficiency in scripting languages (e.g., Python, PowerShell) for automating IAM processes.
  
• Understanding of Zero Trust principles, RBAC, and Just-In-Time (JIT) access models.
  

Experience:

• 5+ years of experience in IAM or cybersecurity roles, with at least 2 years in an L3 or senior capacity.
  
• Proven experience with IAM integrations in hybrid or multi-cloud environments (AWS, Azure, GCP).
  
• Familiarity with endpoint security and enterprise directory services (e.g., Active Directory, LDAP).
  

Soft Skills:

• Strong problem-solving skills with the ability to resolve complex IAM issues.
  
• Effective communication and collaboration skills for working across technical and business teams.
  
• Attention to detail and a proactive approach to risk identification and resolution.
  

Preferred Qualifications:

• Certifications: CISSP, Certified Identity and Access Manager (CIAM), Azure Security Engineer Associate, or Okta Certified Consultant.
  
• Experience in implementing passwordless authentication solutions.
  
• Knowledge of DevSecOps and integration of IAM solutions into CI/CD pipelines.