Identity & Access Management Analyst II
Duquesne Light Company · Pittsburgh, PA · 1 mo ago
Business DevelopmentFull-time
Responsibilities
- Execute end-to-end identity lifecycle processes (Joiner, Mover, Leaver)
- Provision, modify, and revoke access across enterprise and regulated systems
- Enforce least privilege access for both privileged and non-privileged users
- Identify and remediate: Orphaned accounts, excessive or inappropriate access, segregation of duties conflicts
- Maintain alignment between HR systems, IAM platforms, directories, and applications
- Support and execute access governance controls aligned to regulatory frameworks (e.g., NERC CIP, SOX, SOC)
- Perform access certifications and recertifications
- Support audit activities, evidence collection, and remediation tracking
- Ensure access changes are properly approved, documented, and audit-ready
- Identify and escalate control gaps, policy exceptions, and risks
- Administer and support: Active Directory (on-premises) and Azure AD / Entra ID
- User accounts, groups, roles, and service accounts
- Manage MFA solutions (e.g., RSA or similar): Token provisioning, revocation, and tracking
- Support access across infrastructure, applications, and databases
- Own and manage IAM-related service requests and incident queues
- Own and manage ITSM/ticket-based environments
- Partner with Service Desk teams to improve request quality and consistency
- Coordinate with vendors and application teams for access-related activities
- Perform other job-related duties as assigned
Qualifications
- Bachelor’s degree in Information Systems, Cybersecurity, or related field
- 2+ years of relevant experience required
- Hands-on experience with: Identity lifecycle management (JML), access provisioning and deprovisioning, Active Directory and Azure AD
- Experience supporting audit and compliance frameworks (e.g., SOX, SOC, ISO)
- Working knowledge of: RBAC and least privilege principles, ITSM/ticket-based environments, MFA technologies
- Strong analytical, troubleshooting, and problem-solving skills
- Ability to work independently and take ownership of responsibilities
Preferred Qualifications
- Experience in regulated industries (utilities, energy, financial services, healthcare)
- Familiarity with NERC CIP standards and critical infrastructure environments
- Experience with: Identity Governance platforms (e.g., SailPoint), SAP access provisioning and role governance, SQL-based analysis and reporting
- Scripting/automation experience (PowerShell, Python)
- Experience managing privileged, shared, and service accounts
- Relevant certifications (e.g., Security+, IAM or SailPoint certifications)