Security Hardening - identity/access/hardening

Title: IT Security Hardening Specialist
Job Type: Contract
Contract Length: TBD (Engagement-based)
Pay Range: $80–$100/hour
Start Date: To be determined
Location: 100% Remote

About the Opportunity:

Our client, a leader in cloud infrastructure and technology, is seeking two experienced IT Security Hardening Specialists to join their team for a critical 6-month+ engagement. This project focuses on executing a comprehensive security hardening program across hundreds of applications and cloud services. The objective is to move the company’s estate to a defensible, consistent security standard by enforcing SSO, eliminating standing admin privileges, and validating comprehensive logging. This is a high-impact role that requires a self-motivated security professional who can hit the ground running to execute systematic, evidence-based security improvements.

Key Responsibilities & Deliverables:

This role is focused on the successful execution of identity and application hardening initiatives. Your responsibilities will include:

• Identity & Access Hardening: Identify and eliminate standing administrator access, close local "back-door" accounts that bypass SSO/MFA, and harden access governance platforms (Okta, Opal).
• Application Hardening: Systematically harden a portfolio of applications by enforcing single sign-on (SSO), standardizing security groups, and right-sizing roles (RBAC) according to a consistent 8-step security checklist.
• Logging Validation: Configure and validate application logs into the SIEM to ensure continuous coverage and audit-readiness.
• Process Execution: Execute tasks tracked in Jira, ensuring each item has a clear definition of done and documented evidence.
• Stakeholder Collaboration: Work alongside internal IT, Security teams, and application owners to resolve access issues and decommission non-essential test/dormant applications.

Required Skills & Experience:

We are looking for candidates with a proven track record in identity security and SaaS administration. The ideal candidate will have:

• 3+ years of experience in security engineering, IT operations, or identity management.
• Deep expertise in Okta (SSO/IdP), SAML/SCIM integrations, and access governance tools (e.g., Opal).
• Experience with privileged access management and implementing "just-in-time" (JIT) access models.
• Familiarity with Workday as an authoritative HRIS source is a strong plus.
• Demonstrated ability to work autonomously, manage complex technical checklists at scale, and maintain detailed documentation in Jira.
• Strong communication skills to effectively collaborate with application owners and internal security stakeholders during the hardening process.
• Ability to participate in a 2–3 round interview process.

#LI-JJ1