Senior Cyber Specialist – Consumer Identity & CIAM Governance
Duration: 2 months
Location: On-site in St. Paul, Minnesota
Work Hours: 8 hours/day, 5 days/week
Start Date: Early August; completion by end of September
Pay Range: $70-$75/hr
Position Overview
We are seeking a Senior Cyber Specialist with deep expertise in Consumer Identity and Access Management (CIAM) to assess, validate, and enhance the configuration and governance of identity platforms, with a primary focus on Auth0. This role is critical in ensuring secure, scalable, and compliant digital identity services across a diverse product portfolio.
Key Responsibilities
CIAM Controls Assessment
- Evaluate identity provider (IdP) configurations and federation protocols (SAML, OAuth, OIDC).
- Assess authorization models including RBAC, ABAC, and PBAC.
- Validate password policies, multi-factor authentication (MFA), and adaptive authentication mechanisms.
- Review API security, token management, and third-party integrations.
- Analyze user lifecycle automation (provisioning, deprovisioning, synchronization).
- Assess self-service and account recovery features for security and usability.
- Validate logging, monitoring, and SIEM integration for identity-related events.
CIAM Governance Assessment
- Ensure adherence to governance frameworks, including roles, responsibilities, and accountability structures.
- Validate compliance with GDPR, CCPA, HIPAA, PCI DSS, and other data protection standards.
- Evaluate consent and preference management mechanisms.
- Review data governance practices: minimization, retention, classification, and disposition.
- Analyze identity-related risk management and change control processes.
- Verify recurring access reviews and documentation.
- Assess metrics, dashboards, and reporting tools for governance oversight.
- Review vendor oversight and third-party security certifications (e.g., SOC 2, ISO 27001).
Collaboration & Advisory
- Partner with Product Owners, Engineers, and Architects to guide secure identity architecture decisions.
- Conduct interviews, review system evidence, and assess policy adherence.
- Serve as a trusted advisor on authentication, authorization, and identity lifecycle management.
Required Skills and Experience
- 5+ years in identity architecture, access management, cybersecurity, or technology audit
- Hands-on experience with CIAM platforms and identity federation protocols
- Deep understanding of authentication, authorization, and identity lifecycle management
- Familiarity with modern authentication technologies (e.g., WebAuthn, Passkeys)
- Knowledge of regulatory frameworks (GDPR, CCPA, HIPAA, PCI DSS)
- Experience in risk assessment, compliance audits, and governance reporting
- Strong communication, collaboration, and analytical skills
- Bachelor’s degree in Cybersecurity, Computer Science, or related field
Preferred Qualifications
- Professional certifications such as CISSP, CISA, CIAM, or equivalent