IAM Specialist

Overview

On Site
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - Long Term

Skills

sailpoint
IAM
CyberArk
IIQ

Job Details

Role: IAM Specialist

Location: New York, NY (onsite) (Only Local)

Role Summary

    1. We are seeking a seasoned Senior IAM Consultant to lead a comprehensive assessment of the identity landscape for a global financial services firm operating in the capital markets domain. The ideal candidate will bring extensive, hands-on expertise across the IAM, IGA, and PIM/PAM stack, with a strong understanding of regulatory mandates, entitlement risk, and control enforcement in trading environments. This role will work closely with security leadership, risk teams, and technical stakeholders across front, middle, and back-office operations.

    1. You will assess and help strengthen the client's Identity & Access Management program, ensuring alignment with zero-trust principles, least privilege enforcement, and capital markets regulatory obligations. Your insights will directly influence strategic initiatives around identity governance, privileged access management, and authentication frameworks in a high-risk, high-compliance environment.

Key Responsibilities:

    1. Work with a team to conduct a full-spectrum IAM assessment covering governance, operations, architecture, tools, and compliance alignment.
    1. Analyze identity lifecycle processes (JML joiner, mover, leaver) across both human and non-human identities; identify automation and control gaps.
    1. Evaluate enterprise-level IGA platforms (e.g., SailPoint, Saviynt, ForgeRock Identity Governance, Oracle Identity Manager) for policy alignment, role engineering, certification campaign efficacy, and SoD enforcement.
    1. Assess privileged access workflows across PAM solutions such as CyberArk, BeyondTrust, Delinea (formerly Thycotic), One Identity Safeguard, and AWS/Azure-native PIM capabilities.
    1. Conduct deep dives into Active Directory and Azure AD/AAD B2B/B2C architectures and synchronization flows (e.g., Azure AD Connect, SCIM).
    1. Validate authentication mechanisms-including SSO, MFA, biometric factors, and adaptive access policies-across federated and hybrid environments using protocols such as SAML 2.0, OIDC, OAuth2.0, and LDAP.
    1. Map regulatory requirements from SOX, SEC, FINRA, NYDFS 500, GLBA, and GDPR to IAM-specific controls and gaps.
    1. Identify identity-related risks in trade support systems, front-office platforms, OMS/EMS, and financial data pipelines.
    1. Produce maturity heatmaps, capability gap analyses, and a phased roadmap for IAM transformation aligned to security objectives and business risk.
    1. Guide improvements in policy management, access recertification, entitlement management, and RBAC/ABAC strategy.

Required Skills & Experience

    1. 7+ years of hands-on experience in IAM, security architecture, identity governance, or cloud access control implementation.
    1. In-depth experience with IGA platforms like SailPoint IdentityNow/IIQ, Saviynt, or ForgeRock Identity Cloud in enterprise implementations.
    1. Demonstrated deployment or engineering experience with PAM/PIM solutions, such as any one or more of:

o CyberArk PAS/EPM/CPM

o BeyondTrust Password Safe

o Azure Privileged Identity Management & similar solutions

    1. Deep technical proficiency with:

o Active Directory/Azure AD

o SSO/MFA/conditional access frameworks (Okta, Ping Identity, Microsoft Entra)

o Federation, provisioning connectors (SCIM, REST/SOAP APIs), and custom workflow orchestration

    1. Experience conducting IAM audits, regulatory control mapping, and identity risk assessments in capital markets or investment banking. Preferred Certifications
    1. Identity Governance & Administration

o SailPoint Certified IdentityNow/IIQ Engineer or Architect

o Saviynt Certified Implementation Specialist

o ForgeRock Identity Cloud Architect

    1. Privileged Access Management

o CyberArk Defender / S entry / Guardian

o BeyondTrust Certified Administrator

o Microsoft SC-300 or AZ-500 (with PAM focus)

    1. Security Architecture

o CISSP (Certified Information Systems Security Professional)

o CISM (Certified Information Security Manager)

    1. Cloud & Compliance

o AWS Security Specialty

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.