Responsibilities
- Evaluate the overall security health of identity, network, cloud, and endpoint systems and report findings.
- Create and review security architectures using zero trust, least privilege, and layered defense principles.
- Assess the strength and compliance of access controls, authentication methods, and authorization frameworks.
- Examine change, configuration, and release management procedures to maintain secure system baselines.
- Help shape and execute IT security strategies that support business and technology goals.
- Deploy and verify technical controls that protect data confidentiality, integrity, availability, authentication, and accountability.
- Collaborate with identity specialists to build and enhance identity and privileged access management solutions.
- Establish role-based access, conditional access rules, and least privilege models across enterprise platforms.
- Support identity lifecycle processes such as onboarding, role changes, offboarding, and automated access provisioning.
- Deploy and test multi-factor authentication, passwordless login methods, and privileged session workflows.
- Carry out regular access reviews, entitlement validations, and audits of privileged accounts.
- Detect and correct identity risks including overprivileged accounts, inactive users, and flawed access policies.
- Conduct vulnerability scans and security evaluations in coordination with security operations teams.
- Manage vulnerability remediation through patches, configuration updates, or alternative controls.
- Address or formally document accepted risks from security assessments and audits.
- Verify that applications, infrastructure, and cloud services meet minimum security standards.
- Monitor evolving threats, identity-based attack techniques, and advancements in security technologies.
- Assess and suggest tools that enhance security monitoring and control performance.
- Keep current and accurate records of security designs, system diagrams, and operational runbooks.
- Deliver clear, practical security advice and risk intelligence to management.
- Assist in creating and enforcing security policies, standards, and procedures with governance and security teams.
- Ensure security practices comply with legal regulations and industry benchmarks.
Responsibilities
- Analyze and report on organizational security posture, including identity, endpoint, network, and cloud environments.
- Design and assess security architectures and control frameworks aligned to least privilege, zero trust, and defense‑in‑depth principles.
- Evaluate access controls, authentication mechanisms, and authorization models for effectiveness and compliance.
- Review configuration, change, and release management processes to ensure secure system configurations.
- Contribute to the development and execution of IT security strategies aligned with business and technology objectives.
- Implement and validate security controls to ensure confidentiality, integrity, availability, authentication, and non‑repudiation.
- Partner with Identity Engineers to implement, operate, and mature IAM and Privileged Access Management (PAM) platforms.
- Design and enforce role‑based access control (RBAC), conditional access, and least‑privilege models across enterprise systems.
- Support lifecycle identity management including joiner/mover/leaver processes and access provisioning automation.
- Implement and validate MFA, passwordless authentication, and privileged elevation workflows.
- Conduct periodic access reviews, entitlement certifications, and privileged account audits.
- Identify and remediate identity‑related risks such as excessive privileges, stale accounts, and misconfigured access policies.
- Perform vulnerability assessments and security reviews in partnership with SecOps.
- Coordinate remediation of vulnerabilities through patching, configuration changes, or compensating controls.
- Mitigate or document risk acceptance for security deficiencies identified during assessments or audits.
- Validate minimum security requirements for applications, infrastructure, and cloud services.
- Stay current on emerging threats, identity attack vectors, and security technologies.
- Evaluate and recommend tools to improve security visibility and control effectiveness.
- Maintain accurate security documentation, architecture diagrams, and operational procedures.
- Provide actionable security recommendations and risk insights to leadership.
- Support the development and enforcement of security policies, standards, and procedures in collaboration with GRC and Security teams.
- Ensure alignment with regulatory requirements and industry best practices.