IAM Practitioner
Location: Chicago, IL (Hybrid)
Job Schedule: Monday – Friday, 1st shift
Job Type: W2 Contract
Pay Rate: Starting at $45/hour, with optional benefits packages including PTO, medical insurance, and 401k
Role Summary
We’re seeking an experienced IAM practitioner to lead Phase 2 application deep-dives within the ECM Change Management Audit Remediation program and coordinate end-to-end application team responses. This role will:
- Facilitate and document what constitutes “privileged access” with application and service owners
- Drive data collection and analysis
- Own all IAM aspects of project execution for the IAM workstream
- Ensure alignment to IAM policy and the Privileged Account Management (PAM) standard
Phase 2 focuses on risk-based deep-dive assessments of applications prioritized by business criticality, regulatory impact, data classification, foundational system status, and usage profiles.
Key Responsibilities
Lead Assessments & Coordination
- Plan, schedule, and run deep-dive sessions with application and service owners
- Tailor question sets to hosting model (on-prem/SaaS), access model, and criticality
- Drive completion of application responses (surveys, interviews, workshops)
- Ensure evidence is collected and stored in approved repositories (e.g., CMDB, SharePoint, ServiceNow)
- Define and document “privileged access” per application (roles, entitlements, credentials, break-glass accounts, service accounts/keys, cloud admin roles)
- Map entitlements to accounts and controls (vaulting, rotation, JIT, session management, MFA)
- Identify remediation needs when gaps are found
Analysis, Risk Scoring & Reporting
- Apply risk-based prioritization using the Phase 2 model
- Document rationale in CMDB attributes
- Produce application-level deep-dive reports (current state, control gaps, recommendations, target dates)
- Create portfolio rollups for weekly program governance
Standards Alignment & Operationalization
- Ensure outcomes align to IAM Policy and PAM Standard definitions
- Raise exceptions only when justified with mitigating controls and an action plan
- Partner with application teams to confirm privileged access scopes for PAR/PUAR campaigns
- Certify in-scope accounts accordingly
Tooling & Integrations
- Coordinate with platform owners to onboard/vault privileged credentials and secrets in CyberArk
- Ensure Okta access patterns and SailPoint IIQ governance reflect agreed entitlements
- Update CMDB attributes and ServiceNow IRM records with final risk ratings and control states
Education & Experience
- Bachelor’s degree in Computer Science or equivalent experience
- Minimum of 4 years’ experience in security across multiple platforms, operating systems, software communications, and network protocols
- Previous help desk experience desirable
- Applicable certifications preferred