Information Security Officer jobs in United States, Massachusetts, Boston
Bank Of America Identity Access Management IAM Security Administration Speci... United States, Massachusetts, Boston
Share
This job is responsible for developing and supporting enterprise-wide information security policies, procedures, and standards. Key responsibilities include applying knowledge of laws, rules, regulations, and information security concepts (e.g., NIST, COBIT, ISO) to establish and maintain policies, validate alignment of processes and controls to requirements, and report on adherence to policy requirements. Job expectations include using data analytics and partnering with internal teams to verify policy compliance, identify gaps in coverage, and support remediation activities.
LOB Overview:
Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies, and addresses vulnerabilities and operates global security operations centers that monitor, detect, and respond to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.
Responsibilities:
Support the implementation and ongoing management of access provisioning solutions across enterprise platforms, ensuring alignment with security policies and regulatory requirements.
Apply working knowledge of Active Directory , Microsoft Azure, Amazon Web Services (AWS), and Mainframe , Oracle and SQL databases , file systems , and enterprise storage , with a focus on enforcing least privileged access .
Assist in maintaining access control policies , group structures , and role-based access models to support scalable and secure provisioning.
Collaborate with application owners and infrastructure teams to implement access requirements for new and existing systems.
Participate in automation initiatives to streamline provisioning and de-provisioning workflows , integrating with identity governance platforms and HR systems and IAM controls.
Conduct periodic access reviews , entitlement audits , and certification campaigns to ensure compliance and identify access anomalies.
Investigate and remediate access-related incidents, working closely with cybersecurity and risk teams to address vulnerabilities and improve controls.
Stay current with emerging IAM technologies, regulatory changes, and industry best practices to continuously enhance the access provisioning program.
Prepare metrics, reports, and recommendations to senior leadership and audit teams regarding access provisioning effectiveness and risk posture.
Required Qualifications:
3-5+ years experience in Identity and Access Management, with a focus on access provisioning across enterprise environments.
Working knowledge of Active Directory , Microsoft Azure AWS, Mainframe , Oracle Database , SQL Server , Windows and Unix file systems , and enterprise storage platforms .
Understanding of IAM governance frameworks , platforms ( e.g., SailPoint, Saviynt ) role-based access control (RBAC) , group policy management , and privileged access management (PAM) tools, CyberArk, Hashi Corp and Beyond Trust.
Experience with automated provisioning/de-provisioning workflows , including integration with HR systems to demonstrate proficiency in scripting and automation (e.g., PowerShell, Python) to support scalable access provisioning and audit processes.
Familiarity with cloud infrastructure security and access controls in hybrid environments, particularly within Microsoft Azure AWS and Oracle Cloud .
Ability to conduct access reviews , entitlement audits , and risk assessments to identify and remediate access-related vulnerabilities.
Excellent analytical, problem-solving, and communication skills, with the ability to collaborate across technical and business teams.
These jobs might be a good fit
Bank Of America Sr Network Security Engineer Cloud exp required United States, Massachusetts, Boston
Share
Job Description:
We are seeking a skilled and motivated Network Security Engineer to join our GIS Core Engineering team. The Network Security Engineer is a key individual contributor that has accountability for researching, designing, engineering, implementing, and supporting network security solutions. You will utilize in-depth technical knowledge and business requirements to help design and implement a secure solution to meet customer / client needs while protecting the Bank's assets. Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse environment. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results.
It is imperative that you have a solid knowledge of network security domains such as DDoS, Segmentation, Network Access, Web Content Inspection, Perimeter Defense, and Network monitoring. You will regularly collaborate with experts both in country and in other regions, so excellent communication skills are very important. If you are seeking a demanding role within Global Information Security (GIS) and have the required skills, this will be a great opportunity for you. Typically, applicants should have 5 to 7 years of cybersecurity or engineering experience.
Key Responsibilities:
Serves as a subject matter expert for one or more engineering initiatives and is the point of contact for clients
Contributes to defining and ensuring security requirements are met based on BofA standards and Policies.
Incorporates basic architecture components including threat-models, diagrams, and technological requirements for in solution development.
Understands and utilizes basic network, virtualization, and datacenter technologies for deployment strategies.
Leads the delivery of the major engineering milestones and acts as the critical decision maker with regards to technical design and implementation
Documents and communicates required information for deployment, maintenance, support, and business functionality.
Adheres to team delivery/release process and cadence pertaining to solution deployment and release.
Identifies and raises risks or potential vulnerabilities at all stages of the security-engineering process
Works closely with a diverse set of stakeholders with varying priorities to debate and negotiate paths forward
Navigates and works effectively across a complex, geographically dispersed organization
Required Qualifications:
· Strong fundamental understanding of information security principles, risks, and controls and of cyber security operations functions.
· Knowledge of how Web Based internet facing applications are deployed and set up and experience architecting complex enterprise cybersecurity solutions for data in transit across web, email and b2b environments. Including technology that provides proxy control, malware inspection, SSL termination, and Data Loss Prevention (DLP).
· Understanding of how Content Delivery Networks (CDNs) work, how they are designed to provide application services, and how they are used to mitigate network security threats.
· Detailed knowledge of Network Security solutions such as DDOS mitigations techniques, WAF, etc.
· Knowledge Solid experience with designing, evaluating, and deploying network security solutions for outbound, inbound, and lateral network traffic. Experience engineering web content inspection solutions using tools such as Skyhigh Web gateway, Trellix (Fireeye), and F5 LTM/APM/SSLO.
· Experience deploying proxies in the cloud (AWS) and experience with SASE platforms
· Experience coordinating delivery of project/changes milestones, ensures projects stay on target, escalating and identifying roadblocks.
· Ability to quickly diagnose the problem areas and come up with solutions and/or workarounds
· Ability to translate business needs into requirements and experience understand analyzing the technical feasibility and design against the requirements.
Effective communication skills and must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding.
· Ability to work independently on various initiatives with little oversight.
· Strong analytical skills/problem solving/conceptual thinking.
· Motivated and willing to learn.
Desired Qualifications
· Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
· Experience deploying security solutions in virtual environments such as VMWare, AWS, Azure
· Experience integrating network security solutions with IAAS, PAAS and SAAS components such as Zscaler, O365, etc.
· Experience deploying security solutions in email environments.
· Experience with Data Governance, Model Risk Management and Application Management.
· Ability to work with Technical and Non-Technical business owners.
· Experience in large enterprise environments.
· Assist with internal efficiencies projects and development.
· Familiarity with industry standard endpoint tools.
· Relevant certifications: CCNA, CCNP, CISSP, or CEH.
This job will be open and accepting applications for a minimum of seven days from the date it was posted.
These jobs might be a good fit
Bank Of America Senior Network Security Engineering Manager United States, Massachusetts, Boston
Share
Job Description:
This job is responsible for supporting multiple network security engineering efforts to deliver enterprise security capabilities globally. Key responsibilities: include serving as a subject matter expert of security technology, overseeing major engineering milestones including the design, development, and implementation of systems, and reporting on key metrics. Job expectations include executing on engineering initiatives, partnering with cross-functional teams, solving complex issues within BofAs global network footprint, and mentoring/managing team members.
This role is for a Senior Network Engineer. This role participates and leads design discussions, engineering and implementation of network activities. This includes vendor selection, testing, technical support, systems/network design, and risk reduction activities. This person is responsible for components of complex engineering and/or analytical tasks and activities, they assist in establishment of input/output processes and working parameters for hardware compatibility and coordination of subsystems design and integration of total system. They will serve as a fully seasoned/proficient technical resource and technical subject matter expert. This role will have direct reports and will also influence and direct activities of a team related to special initiatives or operations. Provides input on staffing, budget, and personnel. Typically 5 or more years of systems engineering experience.
Key Responsibilities:
• Contribute to defining and ensuring security requirements are met based on BofA standards and Policies.
• Incorporates basic architecture components including threat-models, diagrams, and technological requirements for in solution development.
• Understand and utilize basic network, virtualization, and datacenter technologies for deployment strategies.
• Work across technology teams to understand and aid in the delivery of system requirements.
• Build and improve processes supporting system transformation, structures, quality controls, dependency, and workload management.
• Perform/Implement existing test suites (integration, regression, and performance), analyze test reports, identify any test issues/errors, and triage the underlying cause.
• Document and communicate required information for deployment, maintenance, support, and business functionality.
• Adhere to team delivery/release process and cadence pertaining to solution deployment and release.
• Identify gaps in environment management standards adherence and work with appropriate partners to develop plans to close gaps.
Required Qualifications:
• 10+ years of experience in technology, preferably in network/infrastructure
• 5+ years of experience in Network Security
• 5+ years of experience in managing teams
• Expertise in Network design for hybrid cloud implementations and experience with various network security tools
• Experience in deploying large-scale, global projects and programs
• Familiarity with IT security and risk management practices
• Leadership skills and qualities which enable you to work with peers and various levels of management
• Effective communication skills and motivation/willingness to learn
Desired Skills:
Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
Experience deploying security solutions in virtual environments such as VMWare, AWS, Azure
Experience integrating network security solutions with IAAS, PAAS and SAAS components such as Zscaler, O365, etc.
Experience deploying security solutions in email environments.
Experience with Data Governance, Model Risk Management and Application Management.
Ability to work with Technical and Non-Technical business owners.
Familiarity with industry standard endpoint tools.
Relevant certifications: CCNA, CCNP, CISSP, or CEH
This job will be open and accepting applications for a minimum of seven days from the date it was posted.
1st shift (United States of America)These jobs might be a good fit
Bank Of America Identity Access management IAM Mainframe Security United States, Massachusetts, Boston
Share
LOB Overview:
Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies, and addresses vulnerabilities and operates global security operations centers that monitor, detect, and respond to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.
Role Description:
The Mainframe Security Administration Manager leads a team of analysts responsible for managing secure access to mainframe systems. This role requires a blend of technical acumen in mainframe security mechanisms (RACF, ACF2, Top Secret), strong governance expertise including knowledge of industry standards, and leadership of team members as a key stakeholder within Information Security and the broader IT organization.
Access Control Management
Implement and maintain security administration and access policies using RACF, ACF2, or Top Secret.
Enforce least privilege and role-based access control (RBAC).
Ensure multi-factor authentication for privileged users.
Ensure that privileged access and encryption policies are enforced.
Compliance & Auditing
Align security administration and access controls with regulatory frameworks (SOX, UCAL and PWC applications).
Maintain detailed logs and audit trails for all access request and administrators provisioning activities.
Utilize tools such as Vanguard Resource Administrator (VRA) for forensic analysis and Report Analyzer for reporting.
Security Governance
Monitor for unauthorized access and potential data leakage.
Conduct regular access reviews and security assessments.
Integrate with Identity and Access Management (IAM) systems for centralized governance.
Team Management
Lead and mentor a team of mainframe security analysts.
Ensure team proficiency in RACF, Top Secret, and z/OS environments, including by participating in learning opportunities and communicating with vendors
Promote automation of repetitive provisioning tasks to enhance efficiency.
Oversee ticketing systems integrated with IAM workflows for request tracking, Quality Assurance validation for efficiency and remediation.
Training & Development
Provide ongoing training on evolving security threats and compliance requirements, process changes.
Set Global Information Security goals and encourage professional certifications (e.g., CISSP, Certified RACF and Vanguard Specialist).
Operational Best Practices
Ensure 24/7 monitoring of access provisioning activities.
Establish and maintain incident response protocols for access-related events.
Design scalable provisioning processes to support organizational growth.
Required Qualifications:
10+ years of progressive experience in Identity and Access Management, with a strong focus on access provisioning across enterprise environments.
10+ Years of experience in RACF, ACF2 and zOS systems
Drives Mainframe Modernization and work in close partnership with the CTO Mainframe team to provide SME security leadership.
Deep technical expertise in Mainframe RACF, Vanguard and Microsoft Azure AWS, Databases DB2 and VMSecure and enterprise storage platforms.
Proven ability to design, implement, and manage access provisioning solutions that enforce least privileged access and align with regulatory and internal compliance requirements.
Strong understanding of IAM governance frameworks, platforms (e.g., ForgeRock Single Sign- On SSO, Adaptive Authentication) role-based access control (RBAC), group policy management, and privileged access management (PAM) tools, CyberArk, Hashi Corp and Beyond Trust.
Experience with automated provisioning/de-provisioning workflows, including integration with HR systems to demonstrated proficiency in scripting and automation (e.g., PowerShell, Python) to support scalable access provisioning and audit processes.
Familiarity with cloud infrastructure security and access controls in hybrid environments, particularly within Microsoft Azure AWS and Oracle Cloud.
Ability to conduct access reviews, entitlement audits, and risk assessments to identify and remediate access-related vulnerabilities.
Excellent analytical, problem-solving, and communication skills, with the ability to collaborate across technical and business teams.
Bachelor’s degree in computer science, Information Security, or a related field; advanced degree or certifications (e.g., CISSP, CISM, Microsoft Certified: Identity and Access Administrator Associate) preferred.
BS/BA Engineering degree or equivalent experience
Desired Skills:
Understanding or have experience with agile and lean philosophies.
Strong critical thinking and problem-solving skills with clear communication
Ability to collaborate with different roles to achieve common goals.
Ability to think critically and question the status quo.
Understand how to identify software security vulnerabilities and recognize and communicate their associated impact to the business.
Demonstrate awareness of secure software design principles such as least privilege, defense in depth, or designing secure user interfaces
These jobs might be a good fit
Bank Of America Credit Officer II-Dealer Financial Services United States, Massachusetts, Boston
Share
Job Description:
Job Description:
This job is responsible for managing, monitoring, and documenting credit risk for a portfolio of clients. Key responsibilities include monitoring changes in credit profiles, compliance with credit agreements as well as structuring and underwriting new financing solutions across the Global Banking and Markets product spectrum. Job expectations may include assessing risk solutions which adhere to the bank's risk appetite and risk strategies and coaching and leading team members.
In Dealer Financial Svs, assigned as a market or industry level resource, the Credit Officer II is a highly skilled resource, providing expert level advisory guidance in the most complex, integrated debt capital solutions. The role also serves as Line/Credit approver in conjunction with Risk management based on credit approval grid and drives the internal credit approval process, loan documentation and closing. Involvement with monitoring activities/approvals is also part of the responsibilities. The Credit Officer II maintains knowledge of other BofAML products including Investment Banking and Treasury Management that have credit exposure, and leverages product expertise to deliver the best possible and optimally integrated strategic solution for the client or prospect. The role is balanced between analysis of clients and prospects and their industries, design and execution of credit solutions, and the active management of asset quality. Client facing, the Credit Officer II collaborates with the Relationship Manager(RM),Treasury Solutions Officer (TSO), and other product partners, when needed, to assess client needs, design integrated solutions and deliver the bank to clients and prospects.
Responsibilities:
- Oversees and assesses the credit worthiness of borrowers based on due diligence findings, financial statement analysis, forecasting, analysis of company and industry risks, terms and conditions, and relationship profitability to provide high quality credit approval to Corporate Banking, Investment Banking, Global Markets, and Treasury
- Exercises Delegated Approval Authority using sound judgment and expertise to make approval decisions for the business including new lending limits, structuring and negotiating deal terms, credit worthiness, annual reviews and renewals, risk ratings, and breach actions
- Acts as a senior coverage team resource supporting ongoing credit matters and asset quality, maintaining adherence to the bank's risk appetite and risk strategies to mitigate losses while identifying opportunities to responsibly growing the loan portfolio
- Leads new credit originations in coordination and collaboration with the coverage teams including Relationship Managers, Risk, Syndications, Treasury, and all other product partners
- Negotiates and structures legal documentation related to loans and derivatives
- Establishes appropriate internal risk ratings for clients and implements accurate adjustments throughout the client's credit life cycle
- Trains, coaches, and mentors Credit Analysts and Associates
- Serves as a key member of the Commercial Client Team in handling the clients financial needs, ensuring that the overall client experience is favorable, and that the bank is in a position to expand the relationship. Interacts with clients and prospects to understand their financial goals and objectives, current and future financial performance, and their needs and desires for their banking relationship
- Working closely with the client team, the role of the Credit Officer in the credit process is the guidance and oversight of underwriting, structuring, and documentation of credit requests on an assigned portfolio
- Includes an evaluation of the financial standing of the client or prospect and the appropriateness of the existing or proposed credit structure, and suggestion of any changes to help optimize the relationship
- Underwrite and structure complex credit transactions with minimal oversight
- Some travel time with face-to-face interaction with our dealer clients
- Involved in the negotiation and closing process for transactions in portfolio
- Oversees the monitoring of their assigned portfolio to maintain credit quality, and to ensure timely recognition and management of any changes via the use of the bank’s proprietary risk rating tool, and the review of various compliance, exception and past due reports
Required Qualifications:
- Minimum of 7 years commercial credit underwriting an analysis with a commercial bank or OEM captive finance organization.
- Strong knowledge and comprehension of loan and collateral documentation
- Ability to accurately analyze borrower’s financial picture and deliver a comprehensive risk analysis to manager and risk officers
- Confidence and ability to develop an independent viewpoint and present a business case to support conclusions
- Excellent relationship management skills, experience working in a team environment, ability to help influence constituencies with diverse views towards consensus
- Coaching and mentoring skills
- Strong Microsoft Office Skills
Desired Qualifications:
- Minimum of 10 years commercial credit underwriting and analysis with a commercial bank or OEM captive finance organization in the auto retail space. Direct customer-facing experience in a goal-oriented environment.
- Bachelor’s degree in Finance or Accounting
Skills:
- Analytical Thinking
- Credit and Risk Assessment
- Financial Analysis
- Loan Structuring
- Underwriting
- Attention to Detail
- Business Acumen
- Financial Forecasting and Modeling
- Research Analysis
- Written Communications
- Business Development
- Collaboration
- Critical Thinking
- Portfolio Analysis
- Stakeholder Management
These jobs might be a good fit
Armis Information Systems Security Officer ISSO United States, Massachusetts, Boston
Share
What you'll do
As the ISSO, you will serve as the delegated security lead with responsibility for the security integrity of Armis's most highly sensitive systems:
- Lead and support the security authorization process for cloud solutions seeking and maintaining FedRAMP and DoD Impact Level (IL) Authorized Unclassified ( IL-4, IL-5) and Classified (IL-6) cloud solutions.
- Serve as the primary ISSO for all designated systems under your purview, managing their security lifecycle from initial design through authorization and sustainment.
- Author and maintain all required security documentation, including System Security Plans (SSPs), ensuring controls are accurately documented and aligned with implementation.
- Manage all aspects of FedRAMP and DoD IL Continuous Monitoring (ConMon), including gathering, reviewing, and submitting monthly, quarterly, and annual security artifacts to the appropriate authorizing bodies.
- Support sustained customer communications and actively participate in Continuous Monitoring Review Meetings with government partners.
- Drive the process for all FedRAMP and DoD IL Significant Change Requests and minor change requests, ensuring security impact analyses and authorization updates are completed accurately and on schedule.
- Collaborate with engineering teams to ensure control implementations are technically sound, auditable, and maintain compliance across rapidly evolving cloud and containerized environments.
- Support the GRC team and provide guidance related to commercial compliance efforts.
What we expect
- Top Secret Security Clearance & US Citizenship
- 5+ years of direct experience supporting DoD and/or FedRAMP systems in an Information Security Officer, compliance, or security engineering capacity.
- Must currently reside in the greater Washington D.C. area or be willing to travel to the area on a regular basis to meet with government and authorization partners.
- Must be eligible for a Top Secret security clearance (current active clearance preferred) and must maintain DoD 8570 IAM Level III baseline certifications (e.g., CISSP, CISM, GSLC). IAM Level 3
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field; equivalent professional experience will be considered in lieu of a degree.
- Detailed understanding of NIST 800-53 Revision 5 security controls, security requirement traceability matrices (SRTM), and continuous monitoring practices.
- Detailed understanding of the DISA and FedRAMP significant change request process and authorization lifecycles.
- Proven experience with AWS services management, security baseline enforcement, and compliance within cloud environments.
- Working experience with security incident response, event logging, alerting and the related tooling.
- Experience running Kubernetes in highly regulated environments.
Preferred Skills
- Experience managing security compliance efforts in DoD classified cloud environments.
- Demonstrated experience with AI implementations and automations specifically targeting federal compliance and evidence generation efforts.
- Administrator-level knowledge of AWS and Administrator-level knowledge of Linux operating systems.
- Experience taking a cloud information system through the entire FedRAMP and/or DoD IL authorization process and successfully obtaining an Authorization to Operate (ATO).
- Experience managing security packages and workflows within government GRC tools such as eMASS.
- Familiarity with FISMA and CMMC authorization processes.
- Ability to review Python and understand code as it relates to security controls and automation efforts, and demonstrated ability to write Python scripts to support compliance automation.
- Experience working with a global team where the majority of team members are remote.
- Experience working with task planning tools like JIRA and Asana.
- Experience managing content throughout its lifecycle in the Microsoft Office 365 ecosystem.
- Project management experience where the key stakeholders are at the executive level.
These jobs might be a good fit
Amazon Security Engineer Customer Facing Services United States, Massachusetts, Boston
Share
A day in the life
This role an engaging mix of responsibilities across the entire lifecycle of a security feature set. You'll have the autonomy to take a use case from proposal to success definition and measurement, on to prototype implementation, and on to active collaboration for production delivery. You will interface with product managers, UX designers, software development engineers of all levels, and fellow security engineers across the organization.
- Bachelor's degree in computer science or equivalent
- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- Knowledge of up to date cloud risk scenarios and attack vectors
Preferred Qualifications
- Experience with AWS products and services
- Experience applying threat modeling or other risk identification techniques or equivalent
- Familiarity with AWS services and environments with knowledge of existing AWS logs sources
- Familiarity with cloud infrastructure and threats across other providers such as Microsoft Azure and Google Cloud Platform (GCP)
- Knowledge of the Open Cybersecurity Schema Framework (OCSF)
- Deep knowledge in security data use cases, SIEM, XDR, and SOAR solutions
- Excellent written and oral communication skills
These jobs might be a good fit
Share
This job is responsible for developing and supporting enterprise-wide information security policies, procedures, and standards. Key responsibilities include applying knowledge of laws, rules, regulations, and information security concepts (e.g., NIST, COBIT, ISO) to establish and maintain policies, validate alignment of processes and controls to requirements, and report on adherence to policy requirements. Job expectations include using data analytics and partnering with internal teams to verify policy compliance, identify gaps in coverage, and support remediation activities.
LOB Overview:
Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies, and addresses vulnerabilities and operates global security operations centers that monitor, detect, and respond to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.
Responsibilities:
Support the implementation and ongoing management of access provisioning solutions across enterprise platforms, ensuring alignment with security policies and regulatory requirements.
Apply working knowledge of Active Directory , Microsoft Azure, Amazon Web Services (AWS), and Mainframe , Oracle and SQL databases , file systems , and enterprise storage , with a focus on enforcing least privileged access .
Assist in maintaining access control policies , group structures , and role-based access models to support scalable and secure provisioning.
Collaborate with application owners and infrastructure teams to implement access requirements for new and existing systems.
Participate in automation initiatives to streamline provisioning and de-provisioning workflows , integrating with identity governance platforms and HR systems and IAM controls.
Conduct periodic access reviews , entitlement audits , and certification campaigns to ensure compliance and identify access anomalies.
Investigate and remediate access-related incidents, working closely with cybersecurity and risk teams to address vulnerabilities and improve controls.
Stay current with emerging IAM technologies, regulatory changes, and industry best practices to continuously enhance the access provisioning program.
Prepare metrics, reports, and recommendations to senior leadership and audit teams regarding access provisioning effectiveness and risk posture.
Required Qualifications:
3-5+ years experience in Identity and Access Management, with a focus on access provisioning across enterprise environments.
Working knowledge of Active Directory , Microsoft Azure AWS, Mainframe , Oracle Database , SQL Server , Windows and Unix file systems , and enterprise storage platforms .
Understanding of IAM governance frameworks , platforms ( e.g., SailPoint, Saviynt ) role-based access control (RBAC) , group policy management , and privileged access management (PAM) tools, CyberArk, Hashi Corp and Beyond Trust.
Experience with automated provisioning/de-provisioning workflows , including integration with HR systems to demonstrate proficiency in scripting and automation (e.g., PowerShell, Python) to support scalable access provisioning and audit processes.
Familiarity with cloud infrastructure security and access controls in hybrid environments, particularly within Microsoft Azure AWS and Oracle Cloud .
Ability to conduct access reviews , entitlement audits , and risk assessments to identify and remediate access-related vulnerabilities.
Excellent analytical, problem-solving, and communication skills, with the ability to collaborate across technical and business teams.
These jobs might be a good fit
