***We are unable to sponsor for this 6+ month contract to hire role, no 3rd party candidates will be considered***
Prestigious Enterprise Company is currently seeking a IAM Entra ID Risk Analyst with strong Jira and Third-Party Risk experience. Candidate will own and optimize user access provisioning, privilege management, and entitlement lifecycle processes across our environment. This person will also manage established Third-Party Risk Management processes as well as Kanban board activity tracking for the EIS team. Coordinating with the Atlassian team, you will design and operate Jira-based request/approval workflows and automations that are aligned to least privilege and business needs.
Responsibilities
Access Provisioning & Lifecycle
-Execute and enhance onboarding, transition, and termination processes.
-Provision/deprovision job-based entitlements across directories, applications, data platforms, and cloud resources, with a major focus on Epic EMR templates.
-Administer and coordinate privileged access.
Jira Workflows & Automation
-Build/maintain Jira-based request forms for access, privilege elevation, and group membership changes.
-Implement approval chains and auto-routing using Jira workflow conditions, validators, and post-functions.
-Develop automation rules (Jira Automation / ScriptRunner / REST API) to synchronize request data with IAM platforms, directories, and applications, thereby reducing manual touchpoints.
-Instrument auditability: enforce required fields, reasons for access, evidence attachments, and immutable approval trails.
IAM Platform Operations
-Execute access changes via Entra ID (Azure AD) and legacy Active Directory - manage groups, roles, app-specific local access controls.
-Support SSO & Federation (SAML/OIDC/OAuth2) and provisioning integrations (SCIM/API); troubleshoot authentication and provisioning failures.
-Run and improve access reviews/attestations (campaign setup, reminders, escalations, revocations) and produce closure evidence.
Risk, Compliance & Controls
-Enforce least privilege, SoD, and need-to-know principles; maintain access control standards and role catalogs.
-Generate and maintain audit-ready evidence (tickets, approvals, logs, certifications) for audits (e.g., SOX, ISO 27001, SOC 2, HIPAA as applicable).
-Identify control gaps; propose and implement remediations, playbooks, and preventive controls.
Metrics & Continuous Improvement
-Define and report IAM-related KPIs
-Perform root cause analysis on failed/late requests; drive automation and standardization to reduce cycle time and error rates.
-Maintain clear runbooks, standards, and user-facing guidance.
Third Party Risk Management
-Represent security interests during the TPRM process
-Operate and streamline TPRM reviews
Experience:
4+ years in Identity & Access Management, IT Security, or related field.
Hands-on experience with Microsoft Entra, Active Directory, JIRA, and Privileged Identity Management (PAM)
Strong proficiency building Jira workflows (conditions, validators, post-functions), Jira Automation, SLA configuration, queues, request forms, and custom fields.
Experience provisioning access via Epic templates
Experience creating or consuming REST APIs, working with JSON, and using automation/integration tools (e.g., Power Automate, Azure Automation, ScriptRunner)
Ability to produce audit-ready documentation and communicate with technical and non-technical stakeholders.
Preferred Qualifications
Familiarity with SCIM provisioning, app connector tuning, and entitlement mapping.
Scripting skills (e.g., PowerShell, Python, Groovy for ScriptRunner) for automation and reporting.
Certifications: CIAM, CompTIA Security+, CISA/CISM, CISSP
Security-first thinking with pragmatism and delivery focus.
Bachelors degree