Identity Security Analyst (Seasonal)

About The Position

Requirements

• Bachelor’s degree in Information Technology, Information Security, Cybersecurity, Computer Science, or a related field.
• Basic understanding of Active Directory, Azure Active Directory, and LDAP.
• Knowledge of authentication and authorization protocols such as SSL/TLS, SAML, OAuth, SCIM, XML Signing & Encryption, JWT Tokens.
• Understanding of security headers like CORS, CSP, and Cookies/Local Storage.
• Ability to execute tasks accurately and maintain confidentiality with sensitive information.
• Strong written and verbal communication skills, with the ability to explain technical concepts to various audiences.
• Basic scripting skills (e.g., Bash, Python) and familiarity with data formats like JSON and XML are advantageous.
• Eager to learn and grow within the field of identity security.
• Strong problem-solving skills and attention to detail.
• Ability to work collaboratively within a team environment.

Nice To Haves

• Familiarity with Identity and Access Management (IAM) solutions is a plus.
• Comfortable interacting with REST or GraphQL APIs using tools like Postman or Insomnia is a plus.
• Professional training or certifications in Identity and Access Management are a plus.
• Previous experience in an entry-level security role or as a technical information security consultant is beneficial but not required.

Responsibilities

• Compliance & Integrity
• Follow applicable laws, regulations, and internal policies.
• Act with integrity and respect in all tasks and interactions.
• Application Management
• Assist in identifying and managing shadow applications used within the organization.
• Support the implementation of single sign-on (SSO), multi-factor authentication (MFA), and user provisioning/deprovisioning processes.
• AppStore Enrollment
• Help enroll SSO-enabled applications into our AppStore.
• Facilitate employee access requests and automate approval workflows to ensure timely access to necessary applications and permissions.
• Request Handling
• Track and process requests related to app assignments, integrations, API scopes, service accounts, and developer access efficiently.
• Security Incident Prevention
• Support efforts to prevent security incidents by analyzing identity security risks.
• Document and communicate actionable remediation steps to relevant stakeholders.
• Attack Mitigation
• Assist in identifying and responding to security attacks.
• Support the implementation of security improvements and apply industry best practices.
• Policy & Configuration Management
• Help assess and implement requested security policy and configuration changes.
• Update Identity and Access Management (IAM) systems as needed.
• Security Solutions Development
• Contribute to the development and communication of plans for new security solutions.
• Assist with proof-of-concept (POC) requirements and technical evaluations.
• Continuous Learning
• Stay updated on MITRE ATT&CK tactics and techniques.
• Keep abreast of the latest trends and news in the Information Security industry and share insights with the team.