Identity and Access Management Analyst I

Position Title: Identity and Access Management Analyst I

Salary Range: $78,000 - $90,000/year

Department: Information Technology

Reports to: Manager, Identity and Access Management

Location: Remote

Schedule: Monday- Friday, 35 hours

Formerly the Mental Health Association of New York City (MHA-NYC), Vibrant Emotional Health’s groundbreaking solutions have delivered high quality services and support, when, where and how people need it for over 50 years. Through our state-of-the-art technology-enabled services, community wellness programs, and advocacy and education work, we are building a society in which emotional wellness can be a reality for everyone.

Position Summary

Vibrant is looking for an Analyst I, Identity Access Management (IAM) to join our Cybersecurity team as it grows. You will report directly to the Manager, IAM. This role will be involved in day-to-day operations of the in-place security solutions. You will be responsible for playing a key role in protecting the confidentiality, integrity, and availability of all company data and systems. This may include the identification, investigation, and resolution of security incidents detected by those systems. Projects may include implementation of new IAM security solutions, participation in the creation and/or maintenance of IAM security policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments. You will assist in maintaining the integrity of our current Identity and access management systems. The IT Security Analyst I, IAM is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals. **

Duties/Responsibilities**

Strategy & Planning

• Participate in the planning and design of enterprise security architecture with a primary focus on Identity Access and Management of IAM.
• Participate in the creation of enterprise security documents in IAM (policies, standards, baselines, guidelines, and procedures).
• Participate in the planning and design of an enterprise business continuity plan and disaster recovery plan.
• Participate in the design and implementation of access controls, authorization rules, and role-based access policies.
• Participate in in the designing and implementation of role-based access policies leveraging systems such as Okta, AWS, Azure, GCP, Microsoft AD etc.

Acquisition & Deployment

• Maintain up-to-date, in-depth knowledge of the Cybersecurity industry, with a particular emphasis on Identity and Access Management (IAM) security. This includes awareness of new or enhanced security solutions, improvements in IAM security processes, and the evolving landscape of attacks and threat vectors.
• Assist with recommending additional Identity and Access Management (IAM) security solutions or enhancements to existing security solutions, aiming to improve overall enterprise security.
• Assist in the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
• Collaborate with application owners and leadership to address any technical issues involved in deploying, governing, and extending identity services where suited.

Operational Management

• Maintain up-to-date baselines using industry standard frameworks such as CIS and CSA for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices).
• Maintain operational configurations of all in-place security solutions as per the established baselines and industry best practices.
• Monitor all in-place security solutions for efficient and appropriate operations.
• Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.
• Respond to tickets for addressing security concerns, vulnerabilities, and end-user reported issues.
• Participate in investigations into problematic activity.
• Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
• Provide on-call support for end users, including support for all in-place Identity and Access Management (IAM) security solutions.
• Partner with AppDev to identify and remediate vulnerabilities in Applications.
• Assist in reviewing and processing access requests submitted by employees or departments, ensuring they comply with IAM and Security policies.
• Assist in the configuration, maintenance, and optimization of IAM systems and related tools to ensure efficient user access and security controls.
• Enforcing access control policies and ensuring that users have the appropriate level of access to systems and data.
• Manage the user lifecycle, including onboarding, role changes, and offboarding processes. Ensure timely provisioning and de-provisioning of user accounts.
• Reviewing and auditing IAM logs and record any security compliance, tracking, and reporting incidents

Required Skills/Abilities

Knowledge & Experience

• General knowledge of security frameworks and controls such as: NIST (CSF, SP 800-53, SP 800-171), CIS, CSA, ISO27000.
• Some experience with security systems and tools that may include: Firewalls, WAF, SIEM, SOAR, MDR, IAM, PAM/PIM, Network Packet sniffers, Nmap, IDS/IPS, SAST/DAST Burp Suite.
• Some experience with Encryption, Antivirus/Malware, Penetration Testing, Source Code Scanning.
• Some experience with IAM concepts such as user provisioning, authentication, authorization, access control, and identity lifecycle management
• Some technical knowledge of Cloud and SaaS security solutions and tools.
• Basic understanding of IP, TCP/IP, and other network administration protocols.
• Basic understanding of IAM lifecycle management, security controls and system configurations for technologies such as: AWS, Azure, GCP, Microsoft AD.
• Some experience working with IAM solutions, such as Okta, Active Directory, LDAP, or IAM software.
• Knowledge of various authentication methods, including multi-factor authentication (MFA), biometrics, and single sign-on (SSO)

Personal Attributes

• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Good written, oral, and interpersonal communication skills.
• Ability to conduct research into IT security issues and products as required.
• Ability to present ideas in business-friendly and user-friendly language.
• Ability to effectively organize your tasks and manage priorities.
• Highly self-motivated and directed.
• Self-started but have the ability to work with a team(s).
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.

Experience

Required Qualifications:

• Minimum 2 years working in an Identity Access Management role
• Minimum 1 years of experience in network, server and data storage security technologies recommended
• Minimum 1 years of prior experience with Cloud-based security technologies required.
• Preferred experience implementing and assessing Industry Security Standards including HIPAA HITECH, GDPR HITRUST, FISMA, IS027K, PCI, NIST, etc.
• Minimum 1 year of prior experience with protocols such as 0Auth 2.0, OpenID Connect, and SAML.
• Some experience with Penetration Testing and Malware Reverse Engineering as a nice to have but not required.

Formal Education & Certification

• College diploma or university degree in Cybersecurity or other computer technology degree and/or two years equivalent work experience.
• One or more of the following certifications or the ability to obtain one or more of the following certifications within specified timeframe after employment.

○ CompTIA Security+

○ GIAC Information Security Fundamentals

○ Okta Certified Professional

○ AWS Certified Security - Specialty

○ Microsoft Certified Systems Administrator: Security

○ Associate of (ISC)2 or CISSP

○ ISACA CISA or CISM **

Physical Requirements**

• NA

Excellent comprehensive benefits, including medical, dental, vision, supplemental income insurance, pre-tax transit/parking, pre-tax FSA for medical and dependent care, and 401K available. 4 weeks’ vacation, plum benefits, etc.

Studies have shown that women and people of color are less likely to apply for jobs unless they believe they are able to perform every task in the job description. We are most interested in finding the best candidate for the job, and that candidate may be one who _comes from a less traditional background. Vibrant will consider any equivalent combination of knowledge, skills, education and experience to meet minimum qualifications. If you are interested in applying, we encourage you to think broadly about your background and skill set for the role.

_ Vibrant Emotional Health is an equal opportunity employer. Applicants are considered for positions without regard to veteran status, uniformed service member status, race, creed, color, religion, gender, gender identity, sex, sexual orientation, citizenship status, national origin, marital status, age, physical or mental disability, genetic information, caregiver status or any other category protected by applicable federal, state or local laws.