Identity & Access Management Analyst - Information Security - Technology Services

About the position The Identity & Access Management Analyst plays a crucial role in the security of Denton County's information systems by reviewing, designing, documenting, implementing, and maintaining various enterprise systems. This includes Identity and Access Management (IAM), password management, Privileged Access Management (PAM), and Multi-Factor Authentication (MFA). The primary goal of this position is to ensure the security of county assets while providing excellent customer service and resolving issues in a timely manner. The analyst will be a key contributor to the Denton County Technology Services team, working on complex cybersecurity projects and addressing high-level security issues. In this role, the analyst will perform daily administration, configuration, and support of IAM, PAM, and MFA systems. This involves granting, modifying, and revoking access to systems and applications in accordance with predefined security policies. The analyst will also be responsible for server system administration, developing SQL queries, and automating IAM processes. Additionally, the position requires the design, implementation, and maintenance of other security solutions to meet the county's cybersecurity needs. The analyst will work closely with various departments to create role-based access controls based on job roles, ensuring that access control lists, role-based access controls (RBACs), and permissions align with departmental needs and the principle of least privilege. Regular audits of user accounts and access will be conducted to ensure compliance with county, CJIS, PCI, and HIPAA policies, as well as other regulatory requirements. Effective communication with customers and stakeholders regarding the operation of the IAM system, user provisioning, de-provisioning, and overall user lifecycle management is essential. Furthermore, the analyst will collaborate with the Information Security Team to identify and communicate security vulnerabilities and risks, supporting remediation efforts. Promoting best practice security strategies to mitigate threats is a key responsibility, along with preparing documentation to ensure the successful delivery of cybersecurity objectives. This includes creating communication materials, job aids, training resources, technical reference guides, project plans, policies, and procedures. The analyst will also participate in cybersecurity incident investigations and response activities, adhering to county policies and best practices related to information security. Regular and punctual attendance is required, and the analyst may perform other related duties as necessary. Responsibilities • Perform daily administration, configuration, and support of IAM, PAM, and MFA systems. , • Grant, modify, and revoke access to systems and applications according to predefined security policies. , • Conduct server system administration tasks. , • Develop SQL queries and IAM automations. , • Design, implement, and maintain security solutions to address cybersecurity needs. , • Create and configure identity and access management policies and procedures to enhance security posture. , • Work with departments to design role-based access controls based on job roles. , • Create access control lists, RBACs, and permissions based on departmental needs and least privilege. , • Conduct regular audits of user accounts and access to ensure compliance with policies and regulations. , • Communicate with customers and stakeholders regarding IAM system operations, user provisioning, and lifecycle management. , • Collaborate with the Information Security Team to identify and communicate security vulnerabilities and risks. , • Promote best practice security strategies to mitigate threats. , • Prepare documentation for cybersecurity objectives, including training materials and technical guides. , • Participate in cybersecurity incident investigations and response activities. Requirements • Associate degree in a related field and a minimum of two years of experience in a related field; or an equivalent combination of education and experience required. , • Bachelor's degree in information technology, information security, or cybersecurity preferred. , • Knowledge of common information security management frameworks and standards such as NIST, CJIS, HIPAA, and PCI. , • Knowledge of information security concepts and controls, computer networking, and TCP/IP addressing preferred. , • Possession of a valid driver's license required. , • Must obtain a valid Texas driver's license within 90 days of employment. , • Must not have any Class B misdemeanor or higher convictions or deferred adjudications. Nice-to-haves • Experience with cybersecurity incident response activities. , • Familiarity with role-based access control (RBAC) implementation. , • Knowledge of SQL for database management and queries. Benefits • Full-time employment with a competitive salary range of $73,491 - $85,250 per year. , • Opportunities for professional development and training. , • Supportive work environment focused on cybersecurity and information security. Apply Job!