Identity Security Posture Management (ISPM) Specialist

About The Position

Requirements

• Bachelor's degree or an equivalent mix of education and experience in Information Cyber Security, Risk Management and Governance Risk and Compliance.
• 7+ years of relevant experience in third-party cyber and data risk management and conducting third-party cyber and data risk assessments.
• Experience with reviewing and negotiating cyber and data security contract language.
• Expert knowledge of cyber and data security and risk disciplines and practices.
• Advanced knowledge of technology controls, security, and risk issues.
• Strong eye for detail and ability to successfully manage and conduct third-party cyber and data assessments, gather evidence, and coordinate risk remediation responses.
• A team player with strong collaboration skills and the ability to work with minimal supervision.
• Ability to leverage strong verbal, written communication skills to collaborate with cross-functional teams.
• Strong analytical and problem-solving skills capable of managing projects that drive business objectives.
• Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
• Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization, and outside vendors.
• 5+ years in identity security, IAM/IGA, security operations, or security risk management with hands-on exposure to identity platforms.
• Working knowledge of identity concepts: authentication, authorization, RBAC/ABAC, privileged access, service accounts, identity lifecycle, entitlement models, and access reviews.
• Experience interpreting identity-related findings and coordinating remediation with technical and business stakeholders.
• Familiarity with at least two of the following areas: Entra ID/Azure AD, Active Directory, SailPoint (or equivalent IGA), CyberArk (or equivalent PAM), AWS/Azure identity constructs, common SaaS admin models.
• Strong documentation and reporting skills (evidence packs, dashboards, executive-ready summaries).

Nice To Haves

• Experience with ISPM/identity exposure tooling (identity threat detection, entitlement risk, posture management, attack path analysis).
• Experience in regulated industries (insurance, financial services, healthcare) and audit support (SOX/ITGC, NYDFS, GLBA).
• Practical automation skills (PowerShell, Python, KQL, APIs) to streamline posture checks and reporting.
• Certifications (nice to have): Security+, SSCP, CISSP (or associate), GIAC IAM-related, Microsoft/AWS security certifications.

Responsibilities

• Identity posture monitoring & exposure management Operate and mature the Identity Security Posture Management capability (ISPM) to discover identity exposures across Identity Providers (e.g., Entra ID/AD), SaaS applications, cloud environments, and critical business systems.
• Identify and track identity security issues such as excessive privileges, dormant accounts, misconfigured admin roles, weak authentication enforcement, privilege escalation paths, and risky third-party access.
• Maintain an Identity Exposure Register with severity, business impact, owner, remediation plan, and due dates; enforce SLA-based remediation for critical findings.
• Risk prioritization & remediation orchestration Triage and prioritize findings using risk-based methods (e.g., likelihood/impact, exploitability, business criticality).
• Coordinate remediation with system owners: role redesign, least privilege enforcement, MFA coverage improvements, privileged role controls, conditional access, and entitlement clean-up.
• Drive reduction of inappropriate combinations and segmentation-of-duties issues where relevant.
• Controls, audit, and compliance enablement Provide evidence to support identity-related controls (e.g., privileged access governance, MFA enforcement, access review/UAR posture, joiner-mover-leaver quality, service account governance).
• Produce audit-ready reporting and artifacts for internal audit and external auditors (SOX/ITGC/GITC reliance, regulator exams).
• Ensure posture findings are connected to policy/standard requirements and tracked through governance workflows.
• Telemetry, metrics, and executive reporting Build and maintain ISPM dashboards and KRIs (e.g., privileged role sprawl, stale privileged accounts, MFA coverage, high-risk entitlements, remediation cycle time).
• Present posture trends and remediation progress to Identity Security & Governance leadership and stakeholders (CISO org, IT, app owners).
• Integration & automation Partner with engineering teams to integrate ISPM insights with ticketing/workflow tools (e.g., Axonius, ServiceNow/Jira), SIEM/SOAR, IGA (e.g., SailPoint), and PAM (e.g., CyberArk).
• Automate repeatable posture checks where possible (APIs, scripts, scheduled reports), and document repeatable playbooks/runbooks.
• Collaboration & stakeholder enablement Act as a trusted advisor to application and infrastructure teams on identity security best practices (least privilege, role design, privileged access, authentication hardening).
• Contribute to identity governance operating procedures, playbooks, and standard updates.

Benefits

• Qualify for your choice of health and dental plans within your first month.
• Save for your future with robust 401(k) match, Health Spending Accounts and various retirement plans.
• Learn and Grow with our Tuition Assistance Program, paid certifications and continuing education programs.
• Contribute to your community through United Way and volunteer programs.
• Balance your life with generous paid time off and business casual dress.
• Get employee discounts for shopping, dining and travel through Kemper Perks.