Jobs · Business Development · Texas

Sr Identity and Access Management Analyst

CB&I · The Woodlands, TX · 1 wk ago
Business DevelopmentFull-time

Responsibilities

  • Serve as a subject matter expert for IAM and SOX logical access controls across financial systems.
  • Administer and optimize IAM-based access governance, including provisioning workflows, lifecycle management, group structures, and access certifications.
  • Design and maintain scalable IAM frameworks aligned to least privilege, RBAC, segregation of duties (SoD), and SOX compliance requirements.
  • Execute and support SOX logical access controls, including provisioning, modifications, terminations, privileged access management, and user access reviews (UARs).
  • Partner with system owners and business stakeholders to validate the appropriateness and alignment of access with business responsibilities.
  • Maintain strong access governance controls by proactively reviewing and remediating access risks, including excessive access, orphaned accounts, stale memberships, and SoD conflicts.
  • Support audit readiness through documentation, evidence preparation, remediation tracking, and control support activities.
  • Collaborate on system implementations and enhancements to ensure IAM controls are embedded, scalable, and supportable.
  • Drive continuous improvement and automation opportunities across IAM governance and access management processes.
  • Manage end-to-end identity lifecycle processes (joiner, mover, leaver) for employees, contractors, and project-based users.
  • Provision and deprovision access across enterprise systems, engineering applications, and project platforms (e.g., JD Edwards, Autodesk platforms).
  • Maintain and support identity repositories including Microsoft Entra ID (Azure AD) and on-premises Active Directory.
  • Perform and support user access reviews, certifications, and remediation activities.
  • Implement and support authentication mechanisms including SSO, MFA, and conditional access policies.
  • Collaborate on IAM platform configuration, integrations, and enhancements (e.g., SailPoint, Okta, Microsoft Entra ID, CyberArk).
  • Automate provisioning workflows to improve efficiency and reduce manual processes.
  • Integrate IAM controls with cloud platforms (Azure, AWS) and SaaS applications, including federation and role mapping.
  • Provide guidance, training, and mentoring to IT staff and business stakeholders.

Qualifications

  • Bachelor’s Degree in Information Technology, Cybersecurity, or related field.
  • Industry certifications such as: CISSP or CISM; Microsoft SC-300 (Identity and Access Administrator) or other relevant IAM or security certifications.
  • 10+ Years of Information Technology experience.
  • 5+ years of hands-on experience in IAM, IT security, or infrastructure roles.
  • Strong hands-on experience with enterprise IAM platforms such as Microsoft Entra ID, Okta, SailPoint, or equivalent.
  • Demonstrated hands-on experience implementing and managing authentication, authorization, and federation technologies including SSO, MFA, SAML, OAuth 2.0, OpenID Connect, and directory services such as Active Directory and LDAP.
  • Demonstrated hands-on experience applying and supporting identity security principles and best practices including Zero Trust Architecture, adaptive authentication, conditional access policies, segregation of duties (SoD), and identity threat detection and response.
  • Demonstrated hands-on experience supporting cloud and hybrid identity architectures across platforms such as Azure AD (Entra ID), AWS IAM, and GCP IAM, including integration with on-premises environments.
  • Strong analytical, problem-solving, and communication skills.
  • Experience in Engineering, Procurement, and Construction (EPC) or industrial environments is desired.
  • Scripting or automation experience (PowerShell, Python).

Similar jobs