Risk and IAM Consultant

Job Description:

We are seeking an IAM Analyst who will own and optimize user access provisioning, privilege management, and entitlement lifecycle processes across our environment. This person will also manage established Third-Party Risk Management processes as well as Kanban board activity tracking for the EIS team. Coordinating with the Atlassian team, you will design and operate Jira-based request/approval workflows and automations that are aligned to least privilege and business needs. The ideal candidate blends hands-on IAM management experience with strong stakeholder communication, a continuous-improvement mindset, and a sense of urgency which aligns to our startup mindset.

Key Responsibilities:

· Access Provisioning & Lifecycle o Execute and enhance onboarding, transition, and termination processes.

· Provision/deprovision job-based entitlements across directories, applications, data platforms, and cloud resources, with a major focus on Epic EMR templates.

· Administer and coordinate privileged access. Jira Workflows & Automation

· Build/maintain Jira-based request forms for access, privilege elevation, and group membership changes.

· Implement approval chains and auto-routing using Jira workflow conditions, validators, and post-functions.

· Develop automation rules (Jira Automation / ScriptRunner / REST API) to synchronize request data with IAM platforms, directories, and applications, thereby reducing manual touchpoints.

· Instrument auditability: enforce required fields, reasons for access, evidence attachments, and immutable approval trails. IAM Platform Operations

· Execute access changes via Entra ID (Azure AD) and legacy Active Directory - manage groups, roles, app-specific local access controls.

· Support SSO & Federation (SAML/OIDC/OAuth2) and provisioning integrations (SCIM/API); troubleshoot authentication and provisioning failures.

· Run and improve access reviews/attestations (campaign setup, reminders, escalations, revocations) and produce closure evidence. Risk, Compliance & Controls

· Enforce least privilege, SoD, and need-to-know principles; maintain access control standards and role catalogs. Generate and maintain audit-ready evidence (tickets, approvals, logs, certifications) for audits (e.g., SOX, ISO 27001, SOC 2, HIPAA as applicable).

· Identify control gaps; propose and implement remediations, playbooks, and preventive controls. Metrics & Continuous Improvement

· Define and report IAM-related KPIs

Skills/Experience:

· Metrics & Continuous Improvement

· Define and report IAM-related KPIs

· Perform root cause analysis on failed/late requests; drive automation and standardization to reduce cycle time and error rates.

· Maintain clear runbooks, standards, and user-facing guidance. Third Party Risk Management

· Represent security interests during the TPRM process

· Operate and streamline TPRM reviews

· Minimum Qualifications 4+ years in Identity & Access Management, IT Security, or related field.

· Hands-on experience with Microsoft Entra, Active Directory, JIRA, and Privileged Identity Management (PAM)

· Strong proficiency building Jira workflows (conditions, validators, post-functions), Jira Automation, SLA configuration, queues, request forms, and custom fields. .

· Experience provisioning access via Epic templates

· Experience creating or consuming REST APIs, working with JSON, and using automation/integration tools (e.g., Power Automate, Azure Automation, ScriptRunner) Ability to produce audit-ready documentation and communicate with technical and non-technical stakeholders.

Required Skills:

· Familiarity with SCIM provisioning, app connector tuning, and entitlement mapping.

· Scripting skills (e.g., PowerShell, Python, Groovy for ScriptRunner) for automation and reporting.

Desired Skills:

· Certifications: CIAM, CompTIA Security+, CISA/CISM, CISSP

· Security-first thinking with pragmatism and delivery focus.