DivIHN Integration
About you:
5+ years of experience in identity architecture, access management, cybersecurity, or technology audit with a focus on evaluating the effectiveness of consumer identity and access management (CIAM) governance and controls
Deep understanding of authentication, authorization, and identity lifecycle management
Knowledge of industry guidance related to digital authentication and lifecycle management (e.g. NIST SP 800-63B)
Hands-on experience with assessing CIAM platforms and identity federation protocols (SAML, OIDC, OAuth)
Familiarity with modern authentication technologies such as WebAuthn and Passkeys
Knowledge of regulatory frameworks impacting consumer identity (e.g., GDPR, CCPA, HIPAA, PCI DSS)
Experience in risk assessment, compliance audits, and governance reporting
Strong collaboration and influencing skills across technical and business teams
Excellent written and verbal communication skills tailored to diverse audiences
Strong analytical and problem-solving abilities and adaptability in dynamic environments.
Ability to manage multiple priorities in a fast-paced environment
Bachelors degree in Cybersecurity, Computer Science, Information Systems, Information Assurance, or a related field
Preferred:
Professional certifications such as CISSP, CISA, CIAM, or equivalent Professional experience in one or more of the following areas: Adept at aligning security best practices with continuous integration and delivery frameworks Cloud-native application architecture and security design Mobile application architecture and security design Cloud computing architecture and security design Experience conducting cyber threat modeling using frameworks such as STRIDE or PASTA. Strong grasp of information security principles and defense-in-depth strategies. Ability to balance business risk and cybersecurity risk. Familiarity with medical device cybersecurity frameworks is preferred. Core responsibilities of this job are: Conduct threat modeling during the development of client products. Advise on cybersecurity risks associated with mobile and cloud-based product development. Ensure development teams align with industry cybersecurity standards and requirements. Analyze cybersecurity testing results to assess product security posture. Guide teams in prioritizing and remediating identified security vulnerabilities. Communicate significant product security concerns to leadership as needed. Key Responsibilities Assess technical and process controls of the Auth0 consumer identity platform. Ensure secure configuration and compliance with governance frameworks. Review roles, responsibilities, regulatory compliance, consent and preference management. Evaluate data governance principles including minimization, retention, classification, and disposition. Validate change management processes, metrics, dashboards, and reporting. Collaborate with product owners, engineers, and architects. Conduct interviews, review system evidence, and assess policy adherence Required Skills and Experience Experience in auditing or assessing consumer identity platforms Deep understanding of Auth0 configuration and governance Background in identity and access management Cybersecurity certifications preferred; identity-specific certifications ideal Strong communication and collaboration skills Ability to lead assessments independently Technology Stack Primary Platform: Auth0 Federation Protocols: SAML, OAuth Other platforms may be assessed in future engagements Candidate Considerations Candidates from any industry with consumer identity experience are acceptable Overqualification is not a concern; technical depth is valued Role Overview: Conduct an 8-week cybersecurity assessment of the Auth0 consumer identity and access management platform at Client. Evaluate configuration, governance, and security posture. High-profile project with senior-level visibility. Potential for extension to other platforms. Responsibilities: Review Auth0 configuration including password policies, API authentication, MFA, roles, and federation. Assess governance processes: access requests, data retention, regulatory compliance. Review documentation: architecture diagrams, SOPs, audit logs. Conduct stakeholder interviews and gather evidence. Deliver a gap assessment report with recommendations. Required Skills: Strong technical knowledge of consumer identity and access management (CIAM). Experience with Auth0 preferred. Familiarity with identity federation (e.g., SAML, OpenID Connect). Understanding of MFA and authorization models. Knowledge of NIST SP 800-63 series for identity governance. Preferred Experience: 3+ years of experience with Auth0 preferred. Experience with other CIAM platforms acceptable if transferable. Strong documentation and communication skills. Self-starter, collaborative, able to work with senior architects.
Professional certifications such as CISSP, CISA, CIAM, or equivalent Professional experience in one or more of the following areas: Adept at aligning security best practices with continuous integration and delivery frameworks Cloud-native application architecture and security design Mobile application architecture and security design Cloud computing architecture and security design Experience conducting cyber threat modeling using frameworks such as STRIDE or PASTA. Strong grasp of information security principles and defense-in-depth strategies. Ability to balance business risk and cybersecurity risk. Familiarity with medical device cybersecurity frameworks is preferred. Core responsibilities of this job are: Conduct threat modeling during the development of client products. Advise on cybersecurity risks associated with mobile and cloud-based product development. Ensure development teams align with industry cybersecurity standards and requirements. Analyze cybersecurity testing results to assess product security posture. Guide teams in prioritizing and remediating identified security vulnerabilities. Communicate significant product security concerns to leadership as needed. Key Responsibilities Assess technical and process controls of the Auth0 consumer identity platform. Ensure secure configuration and compliance with governance frameworks. Review roles, responsibilities, regulatory compliance, consent and preference management. Evaluate data governance principles including minimization, retention, classification, and disposition. Validate change management processes, metrics, dashboards, and reporting. Collaborate with product owners, engineers, and architects. Conduct interviews, review system evidence, and assess policy adherence Required Skills and Experience Experience in auditing or assessing consumer identity platforms Deep understanding of Auth0 configuration and governance Background in identity and access management Cybersecurity certifications preferred; identity-specific certifications ideal Strong communication and collaboration skills Ability to lead assessments independently Technology Stack Primary Platform: Auth0 Federation Protocols: SAML, OAuth Other platforms may be assessed in future engagements Candidate Considerations Candidates from any industry with consumer identity experience are acceptable Overqualification is not a concern; technical depth is valued Role Overview: Conduct an 8-week cybersecurity assessment of the Auth0 consumer identity and access management platform at Client. Evaluate configuration, governance, and security posture. High-profile project with senior-level visibility. Potential for extension to other platforms. Responsibilities: Review Auth0 configuration including password policies, API authentication, MFA, roles, and federation. Assess governance processes: access requests, data retention, regulatory compliance. Review documentation: architecture diagrams, SOPs, audit logs. Conduct stakeholder interviews and gather evidence. Deliver a gap assessment report with recommendations. Required Skills: Strong technical knowledge of consumer identity and access management (CIAM). Experience with Auth0 preferred. Familiarity with identity federation (e.g., SAML, OpenID Connect). Understanding of MFA and authorization models. Knowledge of NIST SP 800-63 series for identity governance. Preferred Experience: 3+ years of experience with Auth0 preferred. Experience with other CIAM platforms acceptable if transferable. Strong documentation and communication skills. Self-starter, collaborative, able to work with senior architects.