Senior InfoSec IAM Analyst - Chatsworth
Listed on 2026-07-06
-
IT/Tech
Cybersecurity, Information Security, IT Consultant
Overview
Senior Info/Sec Identity Access Management Analyst – Onsite/Chatsworth. The Senior Info Sec / Identity Access Management Analyst is responsible for designing, implementing, and maintaining security controls that protect the credit union’s systems, infrastructure, and data. Ensures security capabilities are preventive, detective, and responsive, while maintaining compliance with regulatory requirements. The engineer works closely with IT, Infrastructure, Cloud, and Application teams to embed security into daily operations and ensure audit readiness.
Implements the enterprise Identity and Access Management (IAM) framework, governing how employees, contractors, and temporary staff are granted role-based access to systems and applications. Maintains the documentation for certification and accreditation of each information system in accordance with FFIEC requirements, assess the impacts on system modifications and technological advances, and review systems to identify potential security weaknesses, recommend improvements, implement changes and document upgrades with familiarity of NIST.
You Will Do
- Design, implement, and maintain security controls across network, endpoint, server, cloud, and identity platforms.
- Configure, tune, and support security tools including (but not limited to):
Endpoint Detection and Response (EDR/XDR), network security controls (firewalls, segmentation, IDS/IPS), Identity and Access Management (IAM), MFA, and privileged access controls; vulnerability management and configuration hardening tools. - Monitor security alerts, investigate suspicious activity.
- Work with IT teams to prioritize remediation based on risk, exposure, and business impact. Track remediation progress and validate corrective actions.
- Participate in security incident response activities, including detection, investigation, containment, and recovery, forensic data collection and evidence preservation as required.
- Document technical controls, configurations, and operational procedures in an audit-ready manner.
- Provide technical input into risk assessments, vendor reviews, and exception requests.
- Review system designs and architecture for security risks and control gaps.
- Develop and implement IAM framework. Partner with various stakeholders to ensure proposed processes meet regulatory requirements and best practices.
- Help team members determine security requirements for business processes and technology systems based upon risk analysis methods, functional and performance requirements, information security architecture principles, and market-leading solutions.
- Support the team in the creation, tracking, and completion of compliance findings related to identity and access management.
- Participate in audit-related activities as they pertain to IT access for internal and external audits.
- Bachelor’s degree in information security, Computer Science, Information Technology, or equivalent experience.
- Certification required in one or more of the following: ISC2 Cybersecurity (CC), Certified Information Security Manager (CISM), GIAC or Security+.
- Minimum 5 years of experience in information security engineering, infrastructure security, or related roles with experience in developing and implementing access management frameworks. Must have experience with Microsoft Active Directory and Agile, Dev Sec Ops and ITIL practices.
- Knowledge of identity lifecycle and governance processes. Understanding of technology and solutions for financial services such as Jack Henry.
- Cross-functional understanding of the organization and all lines of business.
- Hands-on experience securing Windows and/or Linux server environments, network infrastructure and firewalls. Identity systems and privileged access management.
- Strong understanding of cybersecurity principles including least privilege, defense-in-depth.
- Ability to document technical controls clearly for audit and executive audiences.
- Experience in a financial institution or highly regulated environment.
- Familiarity with ISO, NIST Cybersecurity Frameworks, CIS Controls, or similar standards.
- Experience with cloud security (Azure & AWS). Security certifications such as CC, SSCP,…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).