Sr. Cybersecurity Specialist

DivIHN (pronounced divine ) is a CMMI ML3-certified Technology and Talent solutions firm. Driven by a unique Purpose, Culture, and Value Delivery Model, we enable meaningful connections between talented professionals and forward-thinking organizations. Since our formation in 2002, organizations across commercial and public sectors have been trusting us to help build their teams with exceptional temporary and permanent talent.

Visit us at to learn more and view our open positions.

For further inquiries regarding the following opportunity, please contact our Talent Specialist:
Meghna at

• The Senior Cybersecurity Specialist, Consumer Identity, will play a pivotal role in validating controls and governance supporting Customer Identity and Access Management (CIAM) platforms.
• This individual will partner with cross-functional teams to evaluate identity configurations, uphold governance standards, and enable the secure delivery of digital identity services for consumer access across a diverse product portfolio.
• This individual will serve as a trusted advisor on identity architecture, authentication, and authorization controls and governance.
• Product Owners, Engineers, and Architects will rely on this Individual's expertise and clear communication to guide decisions and maintain a secure, scalable, and compliant consumer identity ecosystem.
• The role is for a Senior Cyber Specialist focused on Consumer Identity, specifically assessing the Auth0 platform used at Client.
• The specialist will evaluate the configuration and governance of the Auth0 environment to ensure it aligns with security best practices.

The primary duties associated with this assignment include:

CIAM Controls Assessment:

• Validate the implementation and governance of controls related to identity provider (IdP) configuration and federation protocols (e.g., SAML, OIDC).
• Evaluate the design and implementation of authorization models, including role-based (RBAC), attribute-based (ABAC), and policy-based access controls (PBAC).
• Determine the strength and efficiency of security controls governing password requirements, multi-factor authentication (MFA), and adaptive authentication for both consumer-facing access and internal platform operations.
• Assess API security, token management, and secure system integrations used for CIAM, including third-party integrations.
• Review user lifecycle automation processes, including provisioning, deprovisioning, and account synchronization.
• Assess controls surrounding user profile information.
• Analyze self-service and account recovery features for both security and usability.
• Validate logging, monitoring, and SIEM integration for identity-related events.

CIAM Governance Assessment:

• Assess and validate adherence to CIAM governance frameworks, including defined roles, responsibilities, and accountability structures.
• Validate the effectiveness of processes designed to ensure compliance with GDPR, CCPA, HIPAA, PCI DSS, and other applicable consumer data protection standards.
• Evaluate the effectiveness and compliance of consent and preference management mechanisms in supporting user autonomy and regulatory requirements.
• Verify data governance practices to ensure proper data minimization, retention, and classification aligned with regulatory and organizational requirements.
• Analyze identity-related risk management processes.
• Review change management and configuration control procedures.
• Verify that recurring access reviews and related documentation are in place and effectively maintained.
• Analyze the effectiveness of metrics, dashboards, and reporting tools in providing actionable insights and ensuring robust CIAM governance oversight.
• Assess vendor oversight and review of third-party security certifications (e.g., SOC 2, ISO 27001).

About you:

• 5+ years of experience in identity architecture, access management, cybersecurity, or technology audit with a focus on evaluating the effectiveness of consumer identity and access management (CIAM) governance and controls
• Deep understanding of authentication, authorization, and identity lifecycle management
• Knowledge of industry guidance related to digital authentication and lifecycle management (e.g. NIST SP 800-63B)
• Hands-on experience with assessing CIAM platforms and identity federation protocols (SAML, OIDC, OAuth)
• Familiarity with modern authentication technologies such as WebAuthn and Passkeys
• Knowledge of regulatory frameworks impacting consumer identity (e.g., GDPR, CCPA, HIPAA, PCI DSS)
• Experience in risk assessment, compliance audits, and governance reporting
• Strong collaboration and influencing skills across technical and business teams
• Excellent written and verbal communication skills tailored to diverse audiences
• Strong analytical and problem-solving abilities
• Ability to manage multiple priorities in a fast-paced environment
• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Information Assurance, or a related field
• Preferred: Professional certifications such as CISSP, CISA, CIAM, or equivalent

Key Responsibilities

• Assess technical and process controls of the Auth0 consumer identity platform.
• Ensure secure configuration and compliance with governance frameworks.
• Review roles, responsibilities, regulatory compliance, consent and preference management.
• Evaluate data governance principles including minimization, retention, classification, and disposition.
• Validate change management processes, metrics, dashboards, and reporting.
• Collaborate with product owners, engineers, and architects.
• Conduct interviews, review system evidence, and assess policy adherence

Required Skills and Experience

• Experience in auditing or assessing consumer identity platforms
• Deep understanding of Auth0 configuration and governance
• Background in identity and access management
• Cybersecurity certifications preferred; identity-specific certifications ideal
• Strong communication and collaboration skills
• Ability to lead assessments independently

Technology Stack

• Primary Platform: Auth0
• Federation Protocols: SAML, OAuth
• Other platforms may be assessed in future engagements

Candidate Considerations

• Candidates from any industry with consumer identity experience are acceptable
• Overqualification is not a concern; technical depth is valued

DivIHN is an equal opportunity employer. DivIHN does not and shall not discriminate against any employee or qualified applicant on the basis of race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation, or military status.