Title: Senior Cyber Specialist - Consumer Identity
Duration: 6 months
Location: St. Paul, MN 55117 (onsite)
 
As Senior Cyber Specialist - Consumer Identity, you will play a pivotal role in validating controls and governance supporting Customer Identity and Access Management (CIAM) platforms.  You will partner with cross-functional teams to evaluate identity configurations, uphold governance standards, and enable the secure delivery of digital identity services for consumer access across a diverse product portfolio.
You will serve as a trusted advisor on identity architecture, authentication, and authorization controls and governance.  Product Owners, Engineers, Architects will rely on your expertise and clear communication to guide decisions and maintain a secure, scalable, and compliant consumer identity ecosystem.
 
The primary duties associated with this assignment include:
CIAM Controls Assessment:

• Validate the implementation and governance of controls related to identity providers (IdP) configuration and federation protocols (e.g., SAML, OIDC).
• Evaluate the design and implementation of authorization models, including role-based (RBAC), attribute-based (ABAC), and policy-based access controls (PBAC).
• Determine the strength and efficiency of security controls governing password requirements, multi-factor authentication (MFA), and adaptive authentication for both consumer-facing access and internal platform operations.
• Assess API security, token management, and secure system integrations used for CIAM, including third-party integrations.
• Review user lifecycle automation processes, including provisioning, deprovisioning, and account synchronization.
• Assess controls surrounding user profile information.
• Analyze self-service and account recovery features for both security and usability.
• Validate logging, monitoring, and SIEM integration for identity-related events.

 
CIAM Governance Assessment:

• Assess and validate adherence to CIAM governance frameworks, including defined roles, responsibilities, and accountability structures.
• Validate the effectiveness of processes designed to ensure compliance with GDPR, CCPA, HIPAA, PCI DSS, and other applicable consumer data protection standards.
• Evaluate the effectiveness and compliance of consent and preference management mechanisms in supporting user autonomy and regulatory requirements.
• Verify data governance practices to ensure proper data minimization, retention, and classification aligned with regulatory and organizational requirements.
• Analyze identity-related risk management processes.
• Review change management and configuration control procedures.
• Verify that recurring access reviews and related documentation are in place and effectively maintained.
• Analyze the effectiveness of metrics, dashboards, and reporting tools in providing actionable insights and ensuring robust CIAM governance oversight.
• Assess vendor oversight and review of third-party security certifications (e.g., SOC 2, ISO 27001).

 
About you:

• 5+ years of experience in identity architecture, access management, cybersecurity, or technology audit with a focus on evaluating the effectiveness of consumer identity and access management (CIAM) governance and controls
• Deep understanding of authentication, authorization, and identity lifecycle management
• Knowledge of industry guidance related to digital authentication and lifecycle management (e.g. NIST SP 800-63B)
• Hands-on experience with assessing CIAM platforms and identity federation protocols (SAML, OIDC, OAuth)
• Familiarity with modern authentication technologies such as WebAuthn and Passkeys
• Knowledge of regulatory frameworks impacting consumer identity (e.g., GDPR, CCPA, HIPAA, PCI DSS)
• Experience in risk assessment, compliance audits, and governance reporting
• Strong collaboration and influencing skills across technical and business teams
• Excellent written and verbal communication skills tailored to diverse audiences
• Strong analytical and problem-solving abilities
• Ability to manage multiple priorities in a fast-paced environment
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Information Assurance, or a related field

 
Preferred: Professional certifications such as CISSP, CISA, CIAM, or equivalent
  
 
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 43.00/hr.