IAM Security Analyst

Minneapolis, Minnesota





| 67136| Jun 10, 2024
*upon offer, candidates must complete a background*


We are seeking an experienced and highly skilled IAM Security Analyst with direct IAM (Identity and Access Management) experience to join our dynamic team. The ideal candidate will play a pivotal role in strengthening our organization's security posture and ensuring the protection of sensitive information through effective manual and automated provisioning of access to Xcel data assets. The IAM Security Analyst will be responsible for various key tasks, including management of Service Now ticket queues for access provisioning, following governance/compliance checks and procedures, using Active Directory and SailPoint as reference for identity profiles, creation of Security Groups and adding accounts to those security groups.
This position will not have direct reports and requires a degree in Information Technology, Data Science or a related Cyber Security field or experience equivalent to degree requirements. 
Key Responsibilities:
  1. Provisioning of highly secured access:     Based on defined entitlements and processes to request, approve and provision access, the IAM Security Analyst will respond to a variety of formal requests for access to privileged and non-privileged access. The Analyst will be assigned a queue in Service Now and various ad hoc requests for daily fulfillment of complete and accurate access.
  2. Customer Service:  Maintaining service levels and responding to customer requests to assist in understanding the proper request process, entitlements, and satisfaction. 
  3. Active Directory Fluency:  Understanding of basic processes and procedures to define and develop active directory security groups, provisioning and deprovisioning of user accounts into AD Groups.  Timely tracking of automated and manual termination of user accounts. 
  4. Governance/Compliance: Ensure adherence to relevant industry regulations, internal policies, and compliance standards related to IAM and access controls.
  5. Quality Assurance Activities: Ensure that processes and procedures are following with an understanding of least privileged access as well as compliance approvals and any training requirements fulfilled before access is granted.
  6. Communication Skills: Possess exceptional written and verbal communication skills. Effectively communicate complex technical concepts to both technical and non-technical stakeholders.
  • Bachelor’s degree in Technology, Data Science, or a related field/experience.
  • 3-5 years of direct experience with Active Directory on premise, and understanding of Azure/Entra AD.  3 years of Identity & Access Management Experience. 
  • Strong understanding of risk management, access controls, status reporting, governance/compliance, and quality assurance activities.
  • Ability to propose innovative solutions and drive continuous improvements in IAM processes and recommendations for automation requirements definition.
  • Experience with SailPoint integration with other primary systems such as Workday, Service Now and CyberArk also beneficial. 
  • Excellent written and verbal communication skills. Excellent time management skills;
  • Ability to support several types of access requests and other team members with spikes in ticket queues.
  • Preferred Technical Environment Skillset:
  • Active Directory, AAD, MS Entra & RBAC principals

Horizontal is proud to be an Equal Opportunity and Affirmative Action Employer. We seek to provide employment opportunities to talented, qualified candidates regardless of race, color, sex/gender including gender identity and/or expression, national origin, religion, sexual orientation, disability, marital status, citizen status, veteran status, or any other protected classification under federal, state or local law.

In addition, Horizontal will provide reasonable accommodations for qualified individuals with disabilities. If you need to request a reasonable accommodation in order to complete the application or interview process, please contact us.

All applicants applying must be legally authorized to work in the country of employment.