Analyst, Identity and Access Management

About The Position

Requirements

• Hands-on experience with identity directories and access controls (e.g., Active Directory and/or Entra ID) including users, groups, roles, and policies.
• Working knowledge of authentication and federation concepts (MFA, SSO, SAML 2.0, OAuth 2.0, OpenID Connect, LDAP).
• Understanding of access control fundamentals (least privilege, separation of duties, privileged vs. non-privileged accounts, service accounts).
• Experience using ticketing/workflow tools to manage requests, approvals, and audit trails.
• Experience with identity governance administration (IGA) tools (e.g., Saviynt, SailPoint) including access requests, provisioning integrations, and access certifications.
• Experience with PAM solutions (e.g., Saviynt, BeyondTrust, CyberArk) and privileged access workflows.
• Scripting/automation experience (PowerShell, Python) to automate provisioning tasks and reporting.
• Experience supporting compliance and audit requests (e.g., SOX, ISO 27001/27002, NIST, CMMC) and producing audit-ready evidence.
• Collaborate with other business units to analyze and improve processing procedures and resolve problems.
• Work with peers, business units and/or project teams, and vendors to ensure business needs are fully communicated, documented and satisfied.
• Monitor and analyze key performance indicators and establish processes and methodologies for preventative mitigation.
• Strong written and verbal communication skills, with the ability to explain IAM concepts to both technical and non-technical stakeholders.
• Ensure compliance with ABS standards and best practices.
• Performs other related duties as assigned.

Nice To Haves

• Preferably in a financial services organization.

Responsibilities

• Administer and support IAM platforms and core identity services (e.g., Microsoft Active Directory/Azure AD (Entra ID), SSO, MFA, directory integrations, and ABS Identity Hub).
• Execute identity lifecycle processes (joiner/mover/leaver), including account creation, updates, disablement, and timely deprovisioning based on approved requests according to standards.
• Support privileged access management (PAM) controls (e.g., privileged accounts, just-in-time access, break-glass procedures), including access request workflows and access reviews.
• Gather requirements for onboarding applications for provisioning access and access certifications, meeting appropriate controls.
• Analyze data in sources such as Ivanti ITSM, Active Directory, Entra ID, Oracle, etc. to provide use case input to stakeholders.
• Support business and technical stakeholders in transitioning to new IAM capabilities and services across various IAM domains such as Access Management, Identity Lifecycle Management and Privileged Access Management.
• Maintain continuous and strong security posture across all business and ABS IAM stakeholders via ongoing, proactive reviews of account access and authorization, and designing short- and long-term improvements to ensure violations are remediated.
• Create appropriate business test cases and test scripts and perform testing to ensure completeness.
• Assist stakeholders in understanding IAM capabilities and functions.

Benefits

• medical insurance (PPO and HD)
• dental and vision insurance
• Health Savings Account (HSA)
• Flexible Savings Account (FSA)
• life insurance
• accidental death and dismemberment insurance
• disability leave programs
• parental leave program
• paid holidays
• paid vacation time
• Employee Assistance Plan (EAP)
• 401K plan with a generous company match