Identity and Access Management Analyst II

Overview

As an IAM Analyst II, you will play a critical role in maintaining a secure and compliant IT environment across the enterprise. Reporting to the IT Risk Management Director and working as part of the Information Technology Risk Management team, you will be responsible for configuring, monitoring, and maintaining a variety of security tools and platforms. These include identity provisioning and deprovisioning systems, privileged access management tools, and governance, risk, and compliance platforms.

This role requires a detail-oriented and technically capable professional who can apply industry knowledge and company procedures to deliver solutions of moderate complexity with minimal supervision.

• Work independently under general supervision, applying sound judgment within defined policies and procedures.
• Process requests related to user account provisioning, modification, and deprovisioning across multiple systems.
• Coordinate with service providers regarding approval and implementation of access.
• Partner with data stewards to define and enforce appropriate access controls to information systems.
• Collaborate with department leads to define new security and access as needed; maintain accurate documentation of security roles, structures, and data restrictions in an ongoing effort.
• Deliver user awareness education, compliance, and audit support aligned with the company's information security objectives.
• Perform ongoing reviews of account and application security to ensure efficient and appropriate access.
• Identify and respond to risks by escalating or mitigating issues as necessary.
• Research and recommend policies and procedures to enforce controls and protect information assets from unauthorized or accidental modification, destruction, or disclosure.
• Analyze and report on security metrics to support continuous improvement and compliance.
• Engage with vendor technical support to resolve system-related issues as needed.
• Maintain professional, clear, and timely communication with peers, management, stakeholders, and external partners.

• Strong verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders.
• Analytical mindset with strong problem-solving abilities, attention to detail, and a willingness to learn.
• Understanding of complex permission models and system interactions in a regulated, controls-based environment.
• Excellent organization and time-management skills; capable of prioritizing tasks to meet deadlines.
• Collaborative team player with a proactive approach and strong interpersonal skills.
• Familiarity with state and federal regulations related to identity and access management.
• Commitment to continuous improvement and innovation in support of a secure and user-friendly environment.

• Associate's Degree in Information Security, Computer Science, or a related field preferred or 2-4 years equivalent work experience.
• Relevant certifications (Comp Tia Security +, Comp Tia Security Analyst (CySA+), GISF, etc) are a plus.
• Experience in access control, information security, or compliance roles using best-in-class Identity and Access Management tools.
• Knowledge of and best-practices-experience working with access control technologies, identity management tools, security frameworks, and regulations such as NIST, CMMC, HIPAA, etc., and governance, risk, and compliance (GRC) tools or related compliance and security frameworks.
• Knowledge and experience in application security and the management and application of Role-based Access Control methods.
• Experience in higher education, government, or similarly complex environments is desired.

EEO statement:
Cianbro is an employee-owned, tobacco-free, equal opportunity employer, we do not discriminate based on marital status, race, color, creed, gender, sex, religion, national origin, gender identity, age, veteran status, union affiliation, physical or mental disability, citizenship status, sexual orientation, or genetic information.