Cybersecurity IAM Analyst

We are seeking a Cybersecurity IAM Analyst with a strong focus on modern authentication, Zero Trust, and identity security controls. This position operates within a large-scale, highly regulated, and heavily audited environment, requiring alignment to cybersecurity frameworks and the ability to deliver solutions that meet both security and compliance requirements. This role provides technical knowledge and experience, supports key IAM initiatives, and partners across teams to deliver measurable improvements in identity security and authentication practices.

• Quickly assesses the current IAM and authentication landscape and identifies high-impact opportunities for improvement

• Drives adoption of phishing-resistant MFA and passwordless authentication

• Reduces reliance on legacy authentication methods

• Improves visibility and control over identity-related risk

• Partners effectively with others within Cybersecurity and infrastructure teams to implement practical, scalable identity security solutions

• Influences enterprise-wide improvements in identity governance and access controls

• Leads initiatives with a high degree of ownership while collaborating across teams in a complex, heavily regulated environment

• Builds credibility with stakeholders by delivering clear progress, tangible outcomes, and improved security posture

• Delivers measurable improvements within the first 6 - 12 months, particularly in authentication strength, identity risk reduction, and access control maturity

• Support identity platforms so they operate with high reliability and availability, assist with system upgrades and change activities in alignment with change management processes to minimize business impact.

• Provide support for IAM-related incidents and escalations, partnering with operational teams to resolve issues.

• Develop an understanding of IAM and security concepts, both technical and non-technical

• Communicate in a clear, concise, confident, and well-organized manner through verbal, written, and/or visual means

• Support the implementation of IAM solutions, follow processes and procedures, and understand the Company policies.

• Support efforts to modernize authentication and identity security controls

• Collaborate with security teams to mitigate identity-based risks

• Occasionally work outside of standard business hours to support critical IAM activities, including system maintenance and urgent issues requiring advanced support

• Perform other IAM-related duties as needed to support the evolving business, security, regulatory requirements, and Company goals

• Travel as needed, less than 5%

• Hands-on and working knowledge with:

• Designing and implementation of Microsoft Entra ID and components

• Multi-domain Active Directory (on-premise) and hybrid identity environments

• Designing Conditional Access and MFA solutions

• Implementing and supporting Azure Self-Service Password Reset (SSPR)

• Designing and managing PowerShell/Graph API scripts

• Strong understanding and working knowledge of authentication concepts and identity security best practices

• Excellent verbal, written and presentation communication skills in English

• Ability to multitask across multiple projects

• Eight years of experience with Windows 2012 through 2022, managing multi-domain forests

• Six years of experience with Microsoft Certificate Services for Public Key Infrastructure (PKI) management

• Six years of experience supporting Active Directory Group Policies (GPO), Active Directory Federation Services (ADFS), and Entra ID Connect

• Six years of experience supporting Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)

• Four years of experience designing, creating and maintaining Azure Conditional Access Policies

• Four years of experience designing, creating and managing PowerShell/Graph API scripts

• Three years of experience supporting Privileged Account Management (PAM) systems

• Two years of experience supporting Windows Hello for Business

• Skill in assessing security controls based on cybersecurity principles (e.g., CIS CSC, CMMC, NIST SP 800-53, Cybersecurity Framework, etc.).