Job Description:
We are seeking an IAM Analyst who will own and optimize user access provisioning, privilege management, and entitlement lifecycle processes across our environment. This person will also manage established Third-Party Risk Management processes as well as Kanban board activity tracking for the EIS team. Coordinating with the Atlassian team, you will design and operate Jira-based request/approval workflows and automations that are aligned to least privilege and business needs. The ideal candidate blends hands-on IAM management experience with strong stakeholder communication, a continuous-improvement mindset, and a sense of urgency which aligns to our startup mindset.
Key Responsibilities:
· Access Provisioning & Lifecycle o Execute and enhance onboarding, transition, and termination processes.
· Provision/deprovision job-based entitlements across directories, applications, data platforms, and cloud resources, with a major focus on Epic EMR templates.
· Administer and coordinate privileged access. Jira Workflows & Automation
· Build/maintain Jira-based request forms for access, privilege elevation, and group membership changes.
· Implement approval chains and auto-routing using Jira workflow conditions, validators, and post-functions.
· Develop automation rules (Jira Automation / ScriptRunner / REST API) to synchronize request data with IAM platforms, directories, and applications, thereby reducing manual touchpoints.
· Instrument auditability: enforce required fields, reasons for access, evidence attachments, and immutable approval trails. IAM Platform Operations
· Execute access changes via Entra ID (Azure AD) and legacy Active Directory - manage groups, roles, app-specific local access controls.
· Support SSO & Federation (SAML/OIDC/OAuth2) and provisioning integrations (SCIM/API); troubleshoot authentication and provisioning failures.
· Run and improve access reviews/attestations (campaign setup, reminders, escalations, revocations) and produce closure evidence. Risk, Compliance & Controls
· Enforce least privilege, SoD, and need-to-know principles; maintain access control standards and role catalogs. Generate and maintain audit-ready evidence (tickets, approvals, logs, certifications) for audits (e.g., SOX, ISO 27001, SOC 2, HIPAA as applicable).
· Identify control gaps; propose and implement remediations, playbooks, and preventive controls. Metrics & Continuous Improvement
· Define and report IAM-related KPIs
Skills/Experience:
· Metrics & Continuous Improvement
· Define and report IAM-related KPIs
· Perform root cause analysis on failed/late requests; drive automation and standardization to reduce cycle time and error rates.
· Maintain clear runbooks, standards, and user-facing guidance. Third Party Risk Management
· Represent security interests during the TPRM process
· Operate and streamline TPRM reviews
· Minimum Qualifications 4+ years in Identity & Access Management, IT Security, or related field.
· Hands-on experience with Microsoft Entra, Active Directory, JIRA, and Privileged Identity Management (PAM)
· Strong proficiency building Jira workflows (conditions, validators, post-functions), Jira Automation, SLA configuration, queues, request forms, and custom fields. .
· Experience provisioning access via Epic templates
· Experience creating or consuming REST APIs, working with JSON, and using automation/integration tools (e.g., Power Automate, Azure Automation, ScriptRunner) Ability to produce audit-ready documentation and communicate with technical and non-technical stakeholders.
Required Skills:
· Familiarity with SCIM provisioning, app connector tuning, and entitlement mapping.
· Scripting skills (e.g., PowerShell, Python, Groovy for ScriptRunner) for automation and reporting.
Desired Skills:
· Certifications: CIAM, CompTIA Security+, CISA/CISM, CISSP
· Security-first thinking with pragmatism and delivery focus.