Senior Cyber Specialist – Product Identity and Access Management

Immediate need for a talented Senior Cyber Specialist – Product Identity and Access Management .  This is a 06+months contract with the possibility of extension or conversion to hire opportunity and is in Abbott Park, IL (OR) St. Paul MN (Onsite). Please review the job description below and contact me ASAP if you are interested.
 
Job Diva ID: 26-05808
 
Pay Range: $65-$75/hr . Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location).
 
Key Responsibilities: -

• Establish and maintain product cybersecurity standards for device to device (D2D), service to service (S2S), third party, and consumer identity interactions based on global industry guidance.
• Support the design and review of identity architectures across cloud, mobile, and connected device platforms.
• Evaluate how identity, trust, certificates, and credentials are established, stored, rotated, and validated in medical devices and supporting services.
• Assess and recommend secure usage of OAuth 2.0, OpenID Connect, SAML, and other federation protocols across identity workflows.
• Ensure the adoption of secure consumer identity and access management (CIAM) practices with low friction consumer onboarding and identity verification while validating strong authentication, account recovery, and authorization flows.
• Develop implementation frameworks and promote adoption of phishing resistant authentication for consumer and clinical use cases.
• Assess security of Device to Device (D2D) identity mechanisms within connected medical devices, including mTLS, secure provisioning, hardware rooted identity, secure firmware validation, and device authorization flows.
• Evaluate Service to Service (S2S) workload identity models, token exchange flows, secure API authentication, and Zero Trust segmentation to protect backend and ecosystem integrations.
• Develop and maintain secure session management standards covering session authentication, token lifecycle controls, timeout and re authentication policies, session integrity protections, and secure storage of session credentials.
• Validate identity and authentication controls for external partners, vendor platforms, and ecosystem integrations to ensure secure interoperability with product solutions.
• Evaluate trust relationships established via SAML, OIDC, and OAuth federation to ensure proper configuration and token integrity.
• Participate in threat modeling activities focused on authentication flows, credential misuse scenarios, and ecosystem trust boundaries.
• Support teams in identifying identity and access management risks and recommending effective mitigations.
• Define requirements for identity‑related security logging, anomaly detection, and telemetry to support monitoring of authentication, authorization, and device trust events.
• Perform IAM maturity assessments across product lines and recommend strategic improvements to identity architectures, trust boundaries, and credential governance.
• Develop and maintain reusable IAM reference architectures, threat models, and design blueprints to support consistent, secure identity implementations across product teams.
• Work closely with engineering, product, cybersecurity, and external partners to ensure consistent application of IAM standards and secure design patterns across product teams.
• Assist with drafting and reviewing authentication and authorization content for FDA cybersecurity submissions.

Key Requirements and Technology Experience: 

• Key skills: -  5+ years of experience in Cybersecurity, identity architecture, access management, cybersecurity, or technology PCB work
• Establish and maintain product cybersecurity standards
• Hands on experience assessing CIAM platforms and identity federation protocols (SAML, OIDC, OAuth)
• Experience with mTLS, certificate-based authentication, and OAuth device flows for medical device or IoT ecosystems
• 5+ years of experience in identity architecture, access management, cybersecurity, or technology audit with a focus on evaluating the effectiveness of identity and access management authentication governance and controls.
• Deep understanding of authentication, authorization, identity lifecycle management, and machine identity management.
• Knowledge of digital identity standards such as NIST SP 800 63B.
• Hands on experience assessing CIAM platforms and identity federation protocols (SAML, OIDC, OAuth).
• Familiarity with modern authentication technologies, including WebAuthn and Passkeys.
• Experience with mTLS, certificate based authentication, and OAuth device flows for medical device or IoT ecosystems.
• Understanding of secure hardware identity components (TPM, TEE, Secure Element) and attestation technologies.
• Knowledge of regulatory frameworks affecting consumer identity (GDPR, CCPA, HIPAA, PCI DSS).
• Experience conducting risk assessments, compliance audits, and governance reporting.
• Strong collaboration and influencing skills, with the ability to work effectively across technical and business teams.
• Excellent written and verbal communication abilities, capable of tailoring information for diverse audiences.
• Strong analytical and problem solving skills, with the ability to manage multiple priorities.
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Information Assurance, or related field.
• Preferred certifications: CISSP, CISA, CIAM, or equivalent.
• Strong preference for candidates with identity and access management design experience spanning on or more of the following: e commerce, mobile apps, IoT, or medical devices.
• Preferred certifications include CISSP, HCISPP, CISM, CIAM, CISA, or similar industry-recognized certifications.

Our client is a leading Healthcare Industry , and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration
Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
By applying to our jobs, you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy .