New

IAM & PAM Consulting Director

TEKsystems
$70.00 - $80.00 / hr
life insurance, sick time, 401(k), retirement plan
United States, Illinois, Chicago
Sep 05, 2025
Description We're seeking an experienced IAM practitioner to lead application deep dives within the Audit Remediation program and to coordinate application team responses end to end. This role will facilitate and document what constitutes privileged access; with application and service owners, drive data collection and analysis, and own all IAM aspects of project execution for the IAM workstream; including alignment to our policy and Privileged Account Management (PAM) standard. Skills: Lead assessments & coordination - Plan, schedule, and run deep dive assessment sessions with application and service owners; tailor question sets to hosting model (on prem/SaaS), access model, and criticality. - Drive application response completion (surveys, interviews, workshops) and ensure evidence is collected and stored in approved repositories (e.g., CMDB/SharePoint/ServiceNow). - Define and document ;privileged access per app (roles/entitlements, credentials, break glass accounts, service accounts/keys, cloud admin roles), aligned to the PAM Standard. - Map entitlements to accounts and controls (vaulting, rotation, JIT, session management, MFA) and identify remediation needs when gaps are found. - Analysis, risk scoring & reporting - Apply risk based prioritization using the Phase 2 model (business criticality, regulatory/data classification, foundational status, users/usage) and document rationale in CMDB attributes. - Produce application level deep dive reports (current state, control gaps, recommendations, target dates) and portfolio rollups for weekly program governance. - Standards alignment & operationalization - Ensure outcomes align to the IAM Policy and PAM Standard definitions and control expectations; raise exceptions only when justified with mitigating controls and an action plan. - Partner with app teams to establish/confirm privileged access scopes for upcoming PAR/PUAR campaigns and certify in-scope accounts accordingly Tooling & integrations - Coordinate with platform owners to onboard/vault privileged credentials and related secrets in CyberArk; ensure Okta access patterns and SailPoint IIQ governance reflect agreed entitlements. - Ensure CMDB attributes and ServiceNow IRM records reflect final risk ratings and control states for assessed applications. Tools in Environment: - Sailpoint IIQ - Sailpoint IdentityNow - Okta - CyberArk - Azure AD & Entra ID Skills IAM, Identity access management, cloud security, security, standards Top Skills Details IAM,Identity access management,cloud security,security,standards Additional Skills & Qualifications - Expertise in IAM principles, processes, and technology solutions - Demonstrated success in establishing strategic objectives and driving tactical execution of initiatives aligned with company goals and objectives - Subject matter expertise across all facets of IAM, including MFA, Secrets Management, Privileged Access Management (PAM), SSO, and identity platforms - Ability to effectively communicate with all levels of employees within scope of responsibility - Ability to effectively prioritize and execute tasks in a fast-paced - Bachelor's degree in Computer Engineering or related field - Typically a minimum of ten years of experience, with a minimum of five years in Information Security Experience Level Expert Level Pay and Benefits The pay range for this position is $70.00 - $80.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: * Medical, dental & vision * Critical Illness, Accident, and Hospital * 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available * Life Insurance (Voluntary Life & AD&D for the employee and dependents) * Short and long-term disability * Health Spending Account (HSA) * Transportation benefits * Employee Assistance Program * Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type This is a fully remote position. Application Deadline This position is anticipated to close on Sep 11, 2025. h4>About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. About TEKsystems and TEKsystems Global Services We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.