job summary:
Experience with Database structures, Salesforce, certificate management, and federation metadata.
Scripting or query skills (e.g., SQL) for reporting.
location: Merrimack, New Hampshire
job type: Contract
salary: $66 - 67 per hour
work hours: 8am to 5pm
education: Bachelors
responsibilities:
Entitlement Strategy & Role Definition
- Collaborate with business, data, architecture, product, and cybersecurity teams to: Define user roles, entitlement groups, and access levels based on business functions and security requirements.
- Establish naming conventions and taxonomy for entitlements to ensure clarity and scalability.
- Document and maintain user flows for all personas requiring functional authorization across environments.
Governance & Policy Alignment - Ensure entitlement structures follow security policies, regulatory requirements, and governance frameworks
- Identify and remediate outdated or excessive entitlements; drive cleanup of unused data/applications.
- Document policies, standards, and approval workflows; maintain accountability with governance bodies.
- Partner with Cybersecurity and Risk teams to identify and document access risks or policy violations.
- Support remediation planning with ongoing or future audits.
- Maintain audit-ready documentation and partner with Cybersecurity and Risk teams to address access risks and support compliance remediation.
Cross-Functional Enablement - Validate technical artifacts for secure identity federation (metadata, certificates, endpoints, stored procedures) and ensure entitlements integrate correctly with IAM and platform systems.
- Maintain traceability between business roles and system access while understanding authorization enforcement models.
- Provide business and technical requirements for current and future use cases.
- Coordinate with Digital Security teams for policy enforcement and technical controls.
- Facilitate communication across business units, technical teams, governance, and partners to ensure alignment and support product area priorities.
Core IAG Operations - Maintain accurate records of user accounts, roles, and entitlements; enforce RBAC and least privilege principles.
- Lead access request workflows, approvals, and exceptions.
- Ensure identity activities are logged and auditable; prepare compliance reports and conduct periodic access reviews.
- Document and maintain policies for provisioning, de-provisioning, and role management, support segregation of duties analysis.
- Use IAG tools for reporting; develop and maintain dashboards and metrics.
- Deliver training and mentorship on identity governance policies and collaborate with IT, Security, and Audit teams.
qualifications:
Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or equivalent experience.
10+ years Systems Analysis experience with 3-5 years in Identity & Access Management/Governance, or related security/IT roles.
Experience with Entitlement Hierarchy, RBAC, or audit evidence creation.
Familiarity with compliance frameworks
Proficiency with data analysis and documentation; ability to interpret and maintain entitlement organization and classification.
Strong stakeholder management and communication skills across business and technical audiences.
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact
Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).
This posting is open for thirty (30) days.
![]()
Never miss an opportunity! Create an alert based on the job you applied for.
