Spectraforce Technologies
Sr. Cybersecurity Specialist
Spectraforce Technologies, Saint Paul, Minnesota, United States, 55130
Title: Senior Cyber Specialist - Consumer Identity
Duration: 6 months
Location: St. Paul, MN 55117 (onsite)
As Senior Cyber Specialist - Consumer Identity, you will play a pivotal role in validating controls and governance supporting Customer Identity and Access Management (CIAM) platforms. You will partner with cross-functional teams to evaluate identity configurations, uphold governance standards, and enable the secure delivery of digital identity services for consumer access across a diverse product portfolio.
You will serve as a trusted advisor on identity architecture, authentication, and authorization controls and governance. Product Owners, Engineers, Architects will rely on your expertise and clear communication to guide decisions and maintain a secure, scalable, and compliant consumer identity ecosystem.
The primary duties associated with this assignment include:
CIAM Controls Assessment: Validate the implementation and governance of controls related to identity providers (IdP) configuration and federation protocols (e.g., SAML, OIDC). Evaluate the design and implementation of authorization models, including role-based (RBAC), attribute-based (ABAC), and policy-based access controls (PBAC). Determine the strength and efficiency of security controls governing password requirements, multi-factor authentication (MFA), and adaptive authentication for both consumer-facing access and internal platform operations. Assess API security, token management, and secure system integrations used for CIAM, including third-party integrations. Review user lifecycle automation processes, including provisioning, deprovisioning, and account synchronization. Assess controls surrounding user profile information. Analyze self-service and account recovery features for both security and usability. Validate logging, monitoring, and SIEM integration for identity-related events.
CIAM Governance Assessment:
Assess and validate adherence to CIAM governance frameworks, including defined roles, responsibilities, and accountability structures. Validate the effectiveness of processes designed to ensure compliance with GDPR, CCPA, HIPAA, PCI DSS, and other applicable consumer data protection standards. Evaluate the effectiveness and compliance of consent and preference management mechanisms in supporting user autonomy and regulatory requirements. Verify data governance practices to ensure proper data minimization, retention, and classification aligned with regulatory and organizational requirements. Analyze identity-related risk management processes. Review change management and configuration control procedures. Verify that recurring access reviews and related documentation are in place and effectively maintained. Analyze the effectiveness of metrics, dashboards, and reporting tools in providing actionable insights and ensuring robust CIAM governance oversight. Assess vendor oversight and review of third-party security certifications (e.g., SOC 2, ISO 27001).
About you:
5+ years of experience in identity architecture, access management, cybersecurity, or technology audit with a focus on evaluating the effectiveness of consumer identity and access management (CIAM) governance and controls Deep understanding of authentication, authorization, and identity lifecycle management Knowledge of industry guidance related to digital authentication and lifecycle management (e.g. NIST SP 800-63B) Hands-on experience with assessing CIAM platforms and identity federation protocols (SAML, OIDC, OAuth) Familiarity with modern authentication technologies such as WebAuthn and Passkeys Knowledge of regulatory frameworks impacting consumer identity (e.g., GDPR, CCPA, HIPAA, PCI DSS) Experience in risk assessment, compliance audits, and governance reporting Strong collaboration and influencing skills across technical and business teams Excellent written and verbal communication skills tailored to diverse audiences Strong analytical and problem-solving abilities Ability to manage multiple priorities in a fast-paced environment Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Information Assurance, or a related field
Preferred:
Professional certifications such as CISSP, CISA, CIAM, or equivalent
Duration: 6 months
Location: St. Paul, MN 55117 (onsite)
As Senior Cyber Specialist - Consumer Identity, you will play a pivotal role in validating controls and governance supporting Customer Identity and Access Management (CIAM) platforms. You will partner with cross-functional teams to evaluate identity configurations, uphold governance standards, and enable the secure delivery of digital identity services for consumer access across a diverse product portfolio.
You will serve as a trusted advisor on identity architecture, authentication, and authorization controls and governance. Product Owners, Engineers, Architects will rely on your expertise and clear communication to guide decisions and maintain a secure, scalable, and compliant consumer identity ecosystem.
The primary duties associated with this assignment include:
CIAM Controls Assessment: Validate the implementation and governance of controls related to identity providers (IdP) configuration and federation protocols (e.g., SAML, OIDC). Evaluate the design and implementation of authorization models, including role-based (RBAC), attribute-based (ABAC), and policy-based access controls (PBAC). Determine the strength and efficiency of security controls governing password requirements, multi-factor authentication (MFA), and adaptive authentication for both consumer-facing access and internal platform operations. Assess API security, token management, and secure system integrations used for CIAM, including third-party integrations. Review user lifecycle automation processes, including provisioning, deprovisioning, and account synchronization. Assess controls surrounding user profile information. Analyze self-service and account recovery features for both security and usability. Validate logging, monitoring, and SIEM integration for identity-related events.
CIAM Governance Assessment:
Assess and validate adherence to CIAM governance frameworks, including defined roles, responsibilities, and accountability structures. Validate the effectiveness of processes designed to ensure compliance with GDPR, CCPA, HIPAA, PCI DSS, and other applicable consumer data protection standards. Evaluate the effectiveness and compliance of consent and preference management mechanisms in supporting user autonomy and regulatory requirements. Verify data governance practices to ensure proper data minimization, retention, and classification aligned with regulatory and organizational requirements. Analyze identity-related risk management processes. Review change management and configuration control procedures. Verify that recurring access reviews and related documentation are in place and effectively maintained. Analyze the effectiveness of metrics, dashboards, and reporting tools in providing actionable insights and ensuring robust CIAM governance oversight. Assess vendor oversight and review of third-party security certifications (e.g., SOC 2, ISO 27001).
About you:
5+ years of experience in identity architecture, access management, cybersecurity, or technology audit with a focus on evaluating the effectiveness of consumer identity and access management (CIAM) governance and controls Deep understanding of authentication, authorization, and identity lifecycle management Knowledge of industry guidance related to digital authentication and lifecycle management (e.g. NIST SP 800-63B) Hands-on experience with assessing CIAM platforms and identity federation protocols (SAML, OIDC, OAuth) Familiarity with modern authentication technologies such as WebAuthn and Passkeys Knowledge of regulatory frameworks impacting consumer identity (e.g., GDPR, CCPA, HIPAA, PCI DSS) Experience in risk assessment, compliance audits, and governance reporting Strong collaboration and influencing skills across technical and business teams Excellent written and verbal communication skills tailored to diverse audiences Strong analytical and problem-solving abilities Ability to manage multiple priorities in a fast-paced environment Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Information Assurance, or a related field
Preferred:
Professional certifications such as CISSP, CISA, CIAM, or equivalent