Information Security Analyst II

Location: Remote (Allowed States)

• Bachelors degree in Computer Science or a related field, or equivalent experience
• Equivalent experience: 1 year of relevant technical experience for each year of required education

• 25 years of experience in information security or a related IT discipline
• Strong understanding of Information Security principles, including Least Privilege, Privileged Access Management (PAM), and Risk Management
• Hands-on experience with access provisioning, identity lifecycle management, or IAM operations

• Preferred certifications: CISSP, CISM, or equivalent
• Knowledge of industry security frameworks such as ISO/IEC 27001/27002, HITRUST, and NIST Cybersecurity Framework
• Strong understanding of security methodologies and best practices
• Ability to support project initiatives, including documentation and operational deliverables
• Experience working with vendors for issue resolution and product enhancements

• Manage Active Directory objects, including groups, service accounts, distribution lists, and shared mailboxes
• Maintain directory attributes and identity data for provisioning and governance
• Update account ownership, approvers, and access metadata within IAM/IGA tools (e.g., Saviynt)
• Coordinate with stakeholders to obtain approvals for service account access
• Provision and manage access aligned with least privilege principles
• Onboard and manage service accounts in password vaults (e.g., CyberArk), including safes and Application IDs
• Support service account governance, including ownership validation and password rotation
• Implement access control models such as RBAC and ABAC
• Prepare, validate, and manage data for bulk uploads into IAM/IGA systems
• Troubleshoot access and identity-related issues across systems and applications
• Collaborate with business and technical teams to translate access requirements into solutions
• Maintain IAM documentation and contribute to process improvements

• Strong experience with Active Directory administration and directory structures
• Experience in hybrid identity environments (on-premises AD and Microsoft Entra ID)
• Hands-on experience with IGA tools (e.g., Saviynt)
• Experience with password vault solutions such as CyberArk
• Knowledge of service account lifecycle management and governance
• Strong understanding of RBAC and ABAC models
• Advanced Excel skills for data validation and manipulation
• Strong troubleshooting skills across IAM tools and infrastructure
• Experience with APIs and system integrations
• PowerShell scripting (including AD modules)
• Familiarity with SSO, federation, and modern authentication methods
• General understanding of security, infrastructure, and cloud platforms