Year Up United
Overview
We are seeking a highly skilled IAM and Security Systems Analyst to support the design, implementation, and operation of critical security controls across our infrastructure, cloud, and application environments. While the title reflects an analyst level, the role requires a hands-on engineering mindset with deep technical experience in identity management, security tooling, and threat detection. This individual will play a key role in securing our systems, applications, and data by evaluating, implementing, and managing tools and processes across the security stack, from access governance to application security, SIEM operations, and incident response. Key Responsibilities
Identity & Access Management (IAM)
Manage and support identity platforms including Active Directory, Azure AD, and Okta. Implement RBAC, least privilege principles, and automated provisioning/deprovisioning. Conduct periodic access reviews and support access certification processes. Integrate IAM controls into application and cloud environments. Security Engineering & Tooling
Administer and optimize Mimecast, Okta, Microsoft Defender, Intune, and other endpoint/cloud security tools. Manage SIEM tools including rule tuning, log ingestion, and correlation. Implement and automate application code reviews using security scanning tools (SAST, DAST). Perform application security testing and contribute to threat modeling and risk evaluations. Lead cloud control monitoring, data protection measures, and compliance reporting. Threat Detection & Incident Response
Conduct analysis of security alerts and lead incident response efforts. Leverage threat intelligence to update detection mechanisms and enhance response playbooks. Perform root cause analysis and evidence handling following incidents. Support red team/blue team exercises and penetration testing activities. Architecture, Process & SDLC Integration
Review and evaluate system and application security architectures. Support integration of security controls across the SDLC and DevSecOps pipelines. Design and continuously improve security processes and documentation. Participate in security metrics and reporting efforts to track control effectiveness. Support SOC design discussions and contribute to its operational maturity. Collaboration & Compliance
Partner with IT Operations teams, Infrastructure, HR, and Compliance to support security initiatives. Assist with internal and external audits, control documentation, and evidence collection. Maintain awareness of frameworks such as SOC 2, NIST, and ISO 27001. Help run awareness training, phishing simulations, and risk assessments. Location & Role Details
This is a hybrid role that will require regular in-person work in the office for coaching and support of our students. You must live within a commutable distance to either Boston, MA, New York City, NY, or Washington, DC. Salary
Salary Range: $90,000-$110,000 annually. Required Qualifications
35 years of experience in a security engineering or analyst role Strong experience with IAM platforms (Active Directory, Azure AD, Okta) Proficient in SIEM platforms, incident response, and Microsoft security tools Experience with automated security testing tools (SAST, DAST) Familiarity with cloud security (Microsoft 365, Azure) and application security principles Hands-on experience in scripting/automation (PowerShell, Python, or Terraform a plus) Strong understanding of network protocols, system hardening, and endpoint defense Excellent problem-solving and communication skills Preferred Qualifications
Familiarity with red teaming, penetration testing, and threat modeling Exposure to compliance frameworks such as SOC 2, HIPAA, or ISO 27001 Participation in SOC design or operations Experience with security metrics/reporting and risk assessments Why Join Us
Youll be part of a mission-driven team focused on protecting a modern IT and cloud-first organization. This is an opportunity to shape and grow a scalable security program, drive impact across critical systems, and mature key security domains. Compensation & Benefits
Benefits: Comprehensive healthcare options and dental coverage; 401(k) match for eligible participants. Vacation: Three weeks paid vacation in first year of employment; four weeks after initial year. Professional Development: Funds available to support staff in achieving career objectives ($2,500 per year). This is an exempt role (paid on a salaried basis). Commitment To Diversity
Year Up United embraces diversity and equal opportunity in employment. We do not discriminate on race, color, religion, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristics protected by law. We are committed to providing reasonable accommodations to individuals with disabilities. If you need an accommodation during the interview process, please contact our hiring team. To Apply
Please submit a thoughtful cover letter and resume through our website. Note that applications without a cover letter will not be considered. We respectfully request no phone calls. #J-18808-Ljbffr
We are seeking a highly skilled IAM and Security Systems Analyst to support the design, implementation, and operation of critical security controls across our infrastructure, cloud, and application environments. While the title reflects an analyst level, the role requires a hands-on engineering mindset with deep technical experience in identity management, security tooling, and threat detection. This individual will play a key role in securing our systems, applications, and data by evaluating, implementing, and managing tools and processes across the security stack, from access governance to application security, SIEM operations, and incident response. Key Responsibilities
Identity & Access Management (IAM)
Manage and support identity platforms including Active Directory, Azure AD, and Okta. Implement RBAC, least privilege principles, and automated provisioning/deprovisioning. Conduct periodic access reviews and support access certification processes. Integrate IAM controls into application and cloud environments. Security Engineering & Tooling
Administer and optimize Mimecast, Okta, Microsoft Defender, Intune, and other endpoint/cloud security tools. Manage SIEM tools including rule tuning, log ingestion, and correlation. Implement and automate application code reviews using security scanning tools (SAST, DAST). Perform application security testing and contribute to threat modeling and risk evaluations. Lead cloud control monitoring, data protection measures, and compliance reporting. Threat Detection & Incident Response
Conduct analysis of security alerts and lead incident response efforts. Leverage threat intelligence to update detection mechanisms and enhance response playbooks. Perform root cause analysis and evidence handling following incidents. Support red team/blue team exercises and penetration testing activities. Architecture, Process & SDLC Integration
Review and evaluate system and application security architectures. Support integration of security controls across the SDLC and DevSecOps pipelines. Design and continuously improve security processes and documentation. Participate in security metrics and reporting efforts to track control effectiveness. Support SOC design discussions and contribute to its operational maturity. Collaboration & Compliance
Partner with IT Operations teams, Infrastructure, HR, and Compliance to support security initiatives. Assist with internal and external audits, control documentation, and evidence collection. Maintain awareness of frameworks such as SOC 2, NIST, and ISO 27001. Help run awareness training, phishing simulations, and risk assessments. Location & Role Details
This is a hybrid role that will require regular in-person work in the office for coaching and support of our students. You must live within a commutable distance to either Boston, MA, New York City, NY, or Washington, DC. Salary
Salary Range: $90,000-$110,000 annually. Required Qualifications
35 years of experience in a security engineering or analyst role Strong experience with IAM platforms (Active Directory, Azure AD, Okta) Proficient in SIEM platforms, incident response, and Microsoft security tools Experience with automated security testing tools (SAST, DAST) Familiarity with cloud security (Microsoft 365, Azure) and application security principles Hands-on experience in scripting/automation (PowerShell, Python, or Terraform a plus) Strong understanding of network protocols, system hardening, and endpoint defense Excellent problem-solving and communication skills Preferred Qualifications
Familiarity with red teaming, penetration testing, and threat modeling Exposure to compliance frameworks such as SOC 2, HIPAA, or ISO 27001 Participation in SOC design or operations Experience with security metrics/reporting and risk assessments Why Join Us
Youll be part of a mission-driven team focused on protecting a modern IT and cloud-first organization. This is an opportunity to shape and grow a scalable security program, drive impact across critical systems, and mature key security domains. Compensation & Benefits
Benefits: Comprehensive healthcare options and dental coverage; 401(k) match for eligible participants. Vacation: Three weeks paid vacation in first year of employment; four weeks after initial year. Professional Development: Funds available to support staff in achieving career objectives ($2,500 per year). This is an exempt role (paid on a salaried basis). Commitment To Diversity
Year Up United embraces diversity and equal opportunity in employment. We do not discriminate on race, color, religion, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristics protected by law. We are committed to providing reasonable accommodations to individuals with disabilities. If you need an accommodation during the interview process, please contact our hiring team. To Apply
Please submit a thoughtful cover letter and resume through our website. Note that applications without a cover letter will not be considered. We respectfully request no phone calls. #J-18808-Ljbffr