IAM Operations Analyst - Remote- Contract- 4k

Responsibilities

• Run and monitor User Access Review and certification campaigns in SailPoint Identity Security Cloud (ISC) end-to-end, including scoping, launch, reviewer assignment, reminders, escalation, and closure, with support from the IAM Manager and IAM Engineering teams.
• Drive reviewers to SLA, escalating to line managers and skip-level managers when campaigns stall, and scrutinize low-quality or default approvals to ensure review decisions are meaningful.
• Investigate and remediate policy violations surfaced by access governance, including active individuals without an assigned manager and segregation-of-duties (SoD) conflicts.
• Track campaign revocations and access changes through to confirmed closure in target systems and evidence outcomes in remediation reports.
• Monitor account provisioning and de-provisioning across SailPoint and Okta, resolving exceptions, joiner-mover-leaver gaps, and synchronization errors.
• Work with system and application owners to correctly map non-human, service-account, and machine-identity ownership in SailPoint.
• Provide ad hoc IAM support for Teleport and partner with technical stakeholders to operationalize Teleport within their teams.
• Onboard new services and servers into Teleport, enabling secure access for both human users and machine identities.
• Monitor integration health between SailPoint and connected source systems and escalate connector, aggregation, and data-quality issues where required.
• Act as second-level support for IAM-related incidents and troubleshooting.
• Generate standard and ad hoc access-governance reports and metrics for IAM leadership, Security leadership, and external auditors.
• Package evidence for compliance-automation platforms and external reviews while validating that controls are operating as designed.
• Document and maintain IAM standard operating procedures, reviewer guides, operational playbooks, and end-user FAQs.
• Support audit readiness by collecting evidence, validating control operation, and documenting access-governance activities across the IAM estate, including SailPoint ISC, Okta, Microsoft Entra ID, and SaaS applications.
• Research improvements to access-review processes, policies, and automation, translating them into practical and repeatable operational practices.
• Provide technical input on access-governance risks, control gaps, exceptions, and process-improvement opportunities.
• Run access reviews and certification campaigns for AI and generative AI tools, including Microsoft 365 Copilot, approved LLM platforms, and the entitlements, connectors, and data sources they can access.
• Govern identities, entitlements, and least-privilege access for AI agents, copilots, and autonomous workloads, including service accounts, API scopes, and tool-calling permissions in SailPoint and Okta.

Qualifications & Skills

• 2–4 years of experience in IT, IT support, system administration, security operations, or IAM operations, ideally including hands-on access governance.
• Bachelor's degree in Information Technology, Computer Science, Information Security, or a related discipline, or equivalent practical experience.
• Good understanding of IAM concepts, including authentication, authorization, provisioning, MFA, RBAC, least privilege, and Single Sign-On (SSO).
• Hands-on experience with at least one Identity Governance and Administration (IGA) platform. SailPoint Identity Security Cloud (ISC) is strongly preferred; experience with Saviynt, One Identity, or Oracle IGA is also relevant.
• Experience with Okta administration, including users, groups, applications, and lifecycle policies.
• Experience running access reviews and certification campaigns, interpreting segregation-of-duties policy outputs, and driving remediation activities.
• Understanding of cloud and infrastructure access environments, APIs, authentication, and authorization, with familiarity across Microsoft Entra ID, Active Directory, AWS IAM, Teleport, HashiCorp Boundary, AWS SSM Session Manager, CyberArk, and tools such as Postman.
• Knowledge of security and compliance frameworks such as ISO 27001, SOC 2, SOX, and financial-services regulations, with experience supporting audits and compliance evidence collection.
• Ability to understand technical documentation, integrations, connector designs, and identity data flows across connected systems.
• Exposure to scripting languages such as PowerShell, Python, or Bash for reporting and automation purposes.
• Relevant certifications are advantageous, including SailPoint, Okta Certified Professional/Administrator, CompTIA Security+, or AWS Security/IAM certifications.
• Awareness of AI and generative AI security risks related to identity, including excessive agent permissions, over-scoped API/OAuth grants, insecure connectors, and data exposure through AI tools.
• Exposure to governing access for AI platforms, copilots, agentic systems, or non-human identities.
• Interest in leveraging AI-assisted automation responsibly within IAM operations, including reporting, anomaly detection, and access-review insights.
• Strong stakeholder management, analytical, and problem-solving skills with excellent attention to detail.
• Able to work after hours from time to time as required.

What We're Looking For

• Passion for Identity and Access Management and a strong interest in maintaining audit-ready access governance within a fast-moving, multi-system environment.
• Strong technical curiosity and the ability to investigate unfamiliar platforms, integrations, policies, and access patterns.
• Comfortable working hands-on with IGA tools, access-review campaigns, policy outputs, logs, configurations, evidence, and technical documentation.
• Understanding of core IAM concepts, including authentication, authorization, provisioning, RBAC, least privilege, SSO, MFA, security operations, and identity lifecycle management.
• Understanding of how AI tools, copilots, and autonomous workloads consume identities and permissions, with the ability to identify over-privileged or risky AI integrations.
• Interest in AI security and applying access-governance practices to emerging AI and non-human identity use cases.
• Ability to identify practical access risks across entitlements, segregation-of-duties conflicts, service-account ownership, and joiner-mover-leaver processes.
• Highly organized with strong attention to detail and the ability to drive recurring campaigns and exceptions through to completion.
• Professional and persistent when working with reviewers, managers, and senior stakeholders to meet deadlines.
• Strong collaboration skills and the ability to work with engineering, DevOps, application owners, security teams, governance teams, and auditors.
• Ability to translate audit and policy requirements into practical, repeatable implementation steps.
• Strong reporting, documentation, and communication skills with a focus on audit readiness and operational consistency.
• Ability to work in an international environment spanning multiple regions and time zones.
• Willingness to work outside standard business hours when required.

Growth Opportunities

• Hands-on experience across a modern enterprise IAM stack, including SailPoint Identity Security Cloud (ISC), Okta, AWS IAM, Microsoft Entra ID, and Teleport.
• Deep exposure to access governance, certification, and audit practices within a regulated, multi-region environment.
• Clear career progression into advanced IAM and security roles such as IAM Engineer, IGA Analyst, or PAM Specialist.
• Opportunity to contribute to the design and improvement of access-governance processes, automation, and tooling.
• Close collaboration with IT, Security Engineering, Governance, Risk & Compliance (GRC), and DevOps teams.
• Exposure to the rapidly evolving intersection of Identity and AI Security, including governance of AI agents, copilots, and machine identities.

Argyll Scott Asia is acting as an Employment Business in relation to this vacancy.