Security Engineer REQ32-2

Role Overview

The IAM Operations Analyst is responsible for the day-to-day administration, support, and governance of Identity and Access Management (IAM) services across the organization. This role ensures that user and machine identities are managed securely and efficiently throughout their lifecycle, while maintaining compliance with internal policies, regulatory requirements, and security standards. The successful candidate will work closely with IT, Security, and business stakeholders to deliver reliable IAM services and support ongoing access governance initiatives.

Key Responsibilities

IAM Operations

• Manage the daily operations of IAM platforms, including identity provisioning, de-provisioning, modifications, and lifecycle management for user and machine accounts.
• Administer and maintain Active Directory (AD) and LDAP directory services, ensuring the accuracy and integrity of identity records across the environment.
• Operate, configure, and support One Identity solutions, including troubleshooting, maintenance, and issue resolution.
• Process and fulfill access requests in accordance with established approval workflows, security policies, and service level agreements (SLAs).
• Monitor IAM systems and services to identify operational issues, policy violations, anomalies, and potential security threats, escalating and resolving incidents as required.
• Maintain and update operational documentation, including procedures, configurations, access records, and runbooks.
• Support ongoing platform maintenance activities, upgrades, and operational improvements to ensure service availability and performance.

Access Governance & Compliance

• Support periodic user access reviews, certification campaigns, and IAM audits to ensure appropriate access controls are maintained.
• Identify, assess, and assist in remediating access-related risks and policy exceptions.
• Track IAM-related remediation actions and provide status updates to stakeholders and management.
• Generate and maintain reports on access activities, identity lifecycle events, compliance metrics, and audit requirements.
• Ensure IAM processes align with internal security standards, regulatory requirements, and governance frameworks.

Stakeholder Support & Service Delivery

• Act as the primary operational contact for IAM-related requests, incidents, and inquiries from users, business teams, and IT stakeholders.
• Provide timely troubleshooting and resolution of IAM issues while maintaining a high level of customer service.
• Collaborate with Infrastructure, Security, Application, and Service Desk teams to ensure access controls remain aligned with business and security requirements.
• Support knowledge transfer, operational continuity, and service stability as IAM initiatives and resources transition between projects and operational teams.
• Contribute to continuous improvement efforts by identifying opportunities to enhance IAM processes, automation, and service quality.

Qualifications & Experience

Required

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field, or equivalent work experience.
• 2–5 years of experience in Identity and Access Management, IT Operations, or Information Security.
• Hands-on experience administering Active Directory, LDAP, and enterprise IAM solutions.
• Experience supporting identity lifecycle management, access provisioning, and access governance processes.
• Understanding of authentication, authorization, RBAC, least privilege, and identity governance principles.
• Strong troubleshooting, analytical, and problem-solving skills.
• Excellent communication and stakeholder management skills.

Preferred

• Experience with One Identity Manager, One Identity Safeguard, or other One Identity products.
• Knowledge of IAM governance frameworks, audit processes, and regulatory requirements.
• Familiarity with Azure AD / Entra ID, SSO, MFA, and privileged access management (PAM) solutions.
• Experience with scripting or automation tools such as PowerShell.
• Relevant certifications such as Security+, SC-300, CISSP, or Identity Management certifications.